Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / drupal

drupal

509 tracked vulnerabilities.

Drupal Node Hierarchy Module - Unauthenticated Node Hierarchy Modification via Access Check Bypass

Drupal Magic Tabs Module 5.x - Remote Code Execution via URL Argument Injection

Taxonomy Image Module 5.x-1.3 and 6.x-1.3 - Cross-Site Scripting

Drupal Ubercart Module < 5-1.0 - Authenticated Cross-Site Scripting via Node Titles

Drupal E-Publish <5-1.1 and <6-1.0 - Cross-Site Scripting

Drupal Ubercart Module < 5.x-1.0-rc1 - Cross-Site Scripting via Address and Order Information Fields

Drupal Webform <5.x-1.10, <5.x-2.0-beta3, <6.x-1.0-beta3 - XSS

Drupal 6.0-6.1 - Unauthenticated Profile Editing and Information Disclosure via Menu System

Drupal Ubercart Module < 5-1.0 - Cross-Site Scripting via Product Text Attribute

Drupal 6.0 - Cross-Site Scripting via checkPlain Function

Drupal 6.0 - Authenticated Cross-Site Scripting via Content Edit Form Titles

Drupal Header Image Module - Unauthenticated Administration Page Access

Drupal Secure Site <4.7.x-1.0, <5.x-1.0 - Privilege Escalation

Comment Upload Module for Drupal - Arbitrary File Upload and Possible Remote Code Execution

Drupal OpenID 5.x-1.0 - Improper Input Validation in claimed_id Verification

Userpoints Module 4.7.x-2.3 5.x-2.16 5.x-3.3 - Cross-Site Request Forgery

Drupal Project Issue Tracking Module XSS (5.x-2.x-dev, 5.x-1.x <= 1.2, 4.7.x-2.x <= 2.6, 4.7.x-1.x <= 1.6)

Drupal Project Issue Tracking Module File Upload/Execution Vulnerability

Drupal Archive Module < 5.x-1.8 - Cross-Site Scripting

Drupal Workflow < 4.7.x-1.1 - Cross-Site Scripting via Node Properties

Drupal Meta Tags Module < 5.x-1.6 - Authenticated Remote Code Execution

BUEditor < 4.7.x-1.0 - Cross-Site Request Forgery via Editor Deletion Form

Drupal 4.7.x-4.7.10 and 5.x-5.5 - Cross-Site Request Forgery in Aggregator Module

Drupal 4.7.x < 4.7.11 and 5.x < 5.6 - Cross-Site Scripting via Invalid UTF-8 Byte Sequences

Drupal 4.7.x and 5.x - Cross-Site Scripting via Theme Template Files

Previous Page 17 of 21 Next

Products

drupal 273 core 91 core-recommended 6 project_issue_tracking_module 6 Drupal core 5 print 5 aggregation_module 4 ai 4 everyblog 4 project 4 ubercart_module 4 Drupal Core 3 OpenID Connect / OAuth client 3 content_construction_kit 3 drupal_project_issue_tracking 3 shindig-integrator 3 File Access Fix (deprecated) 2 activity 2 ajax_checklist 2 artificial_intelligence 2 bibliography_module 2 brilliant_gallery 2 chatroom_module 2 civictheme 2 cookies_consent_management 2 custom_search_module 2 data 2 database_administration_module 2 drupal_easylinks_module 2 google_tag 2

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy