Drupal Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Drupal Project Issue Tracking Module6
Drupal EveryBlog6
Drupal CMS6
Drupal Bibliography Module4
Drupal User Karma module4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix130
Temporary Fix0
Workaround0
Unavailable12
Not Defined16

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High60
Functional0
Proof-of-Concept54
Unproven16
Not Defined28

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local0
Adjacent0
Network158

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High0
Low56
None102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required100
None58

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤30
≤442
≤552
≤618
≤718
≤826
≤90
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤30
≤458
≤550
≤620
≤728
≤80
≤90
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤30
≤442
≤552
≤618
≤718
≤826
≤90
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k2
<2k106
<5k50
<10k0
<25k0
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k158
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Products (114): Acidfree (1), Administrator (1), Aggregation module (3), Ajax Checklist (2), Archive Module (1), Atom Module (1), BUEditor (1), Bibliography Module (2), BlueMasters (1), Brilliant Gallery (2), CCK comment reference (1), CMS (6), Chatroom Module (2), Comment Mail (1), Comment Upload Module (1), Commons (1), Content Construction Kit (3), Context Form Alteration module (1), Counter module (1), Custom Search module (2), Cvs Management And Tracker (1), Database Administration Module (2), Devel module (1), Doubleclick for Publishers (1), Drupal Pathauto Module (1), Drupal Project Issue Tracking (2), Drupal Pubcookie Module (1), E-Commerce Module (1), E-Publish (2), Easylinks Module (2), Entity API module (1), EveryBlog (4), Extended Tracker (1), FAQ (1), Feature Module (1), Feedapi Mapper (1), Fileshare module (1), Form Mail Module (1), Forward module (1), Header Image (1), Help Tip module (2), Imce Module (2), Internationalization (2), Job Search (1), Link module (1), Link to Us (1), Localization client (2), Localizer (1), LoginToboggan module (2), MAYO (1), Maestro (1), Magic Tabs module (1), Mailhandler (1), Mailsave (1), Mediafield Module (1), Meta Tags Module (1), Modal Frame (1), MySite (1), NewsFlash (1), News Page (1), Nivo Slider (1), Node Clone (1), Node Hierarchy module (1), Nodeaccess Userreference (1), Nodefamily (1), Nodequeue (1), OpenID (1), Organic Groups Menu (1), Organic Groups Module (2), Outline Designer module (1), Paypal Node Module (1), Petition Node module (1), Plus1 (1), Print (5), Print module (1), Professional theme (1), Project (1), Project Issue File Review (1), Project Issue Tracking Module (3), Project Issue Tracking module (2), Project issue tracking module (1), Protected Node module (1), Quiz (1), Randomizer (1), Search Keyword Module (1), Secure Site Module (2), Semantically Interconnected Online Communities (1), Services Module For Drupal (1), Shindig-Integrator (3), Shoutbox (1), SimpleCorp (1), Site Profile Directory Module (1), Skeleton theme (1), Stock Module (1), Suggested Terms module (1), Talk (2), Tasklist (1), Taxonomy Autotagger module (2), Taxonomy Image module (1), Taxonomy Theme module (1), Taxonomy manager (1), Tinytax Taxonomy Block Module (1), TrailScout module (2), Tribune (1), Ubercart Module (3), User Karma module (2), Userpoints Module (1), Userreview module (1), Views (2), Views Bulk Operations (1), Webform Module (1), Workflow (1), Zen (1), linkchecker (1)

Link to Vendor Website: https://www.drupal.org/

PublishedBaseTempVulnerabilityProdExpRemEPSSCTICVE
04/10/20185.45.1Drupal Entity API module Access Restriction access controlContent Management SystemNot DefinedOfficial Fix0.002240.00CVE-2014-1400
08/16/20178.07.7Drupal CMS access controlContent Management SystemNot DefinedOfficial Fix0.006170.00CVE-2017-6925
08/16/20174.64.5Drupal CMS REST API privileges managementContent Management SystemNot DefinedOfficial Fix0.005390.00CVE-2017-6924
08/16/20174.34.2Drupal CMS Ajax Endpoint authorizationContent Management SystemNot DefinedOfficial Fix0.001280.00CVE-2017-6923
04/21/20154.34.1Drupal Administrator cross-site request forgeryContent Management SystemNot DefinedOfficial Fix0.001600.00CVE-2015-3351
11/12/20144.34.1Drupal Organic Groups Menu Administration Page access controlContent Management SystemNot DefinedOfficial Fix0.001200.00CVE-2014-8734
10/16/20144.34.0Drupal Modal Frame cross site scriptingContent Management SystemHighOfficial Fix0.002200.05CVE-2014-8296
10/14/20144.34.1Drupal Project Issue File Review cross site scriptingFeedback SoftwareNot DefinedOfficial Fix0.001400.00CVE-2014-8765
10/13/20143.53.4Drupal Doubleclick for Publishers cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000820.00CVE-2014-8748
10/13/20144.34.1Drupal Commons Commons Module cross site scriptingContent Management SystemNot DefinedOfficial Fix0.002590.00CVE-2014-8747
10/13/20143.53.4Drupal Skeleton theme cross site scriptingContent Management SystemHighOfficial Fix0.001020.00CVE-2014-8746
10/13/20143.53.4Drupal Custom Search module Search Module cross site scriptingContent Management SystemHighOfficial Fix0.001090.00CVE-2014-8745
10/13/20143.53.4Drupal Nivo Slider cross site scriptingContent Management SystemHighOfficial Fix0.001110.00CVE-2014-8744
10/13/20143.53.4Drupal Maestro cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001110.00CVE-2014-8743
10/09/20143.53.4Drupal MAYO MAYO Theme cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001130.00CVE-2014-8079
10/09/20143.53.4Drupal Print cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001130.00CVE-2014-8078
10/09/20143.53.4Drupal NewsFlash cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001130.00CVE-2014-8077
10/09/20143.53.4Drupal Professional theme cross site scriptingContent Management SystemHighOfficial Fix0.001020.00CVE-2014-8076
10/09/20143.53.5Drupal Tribune cross site scriptingContent Management SystemNot DefinedNot Defined0.001200.00CVE-2014-8075
10/08/20143.53.4Drupal Zen template.php cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000890.00CVE-2014-7980
10/08/20143.53.4Drupal SimpleCorp cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001110.00CVE-2014-7979
10/08/20143.53.4Drupal BlueMasters cross site scriptingContent Management SystemNot DefinedOfficial Fix0.001110.00CVE-2014-7978
10/06/20143.53.4Drupal Custom Search module Search Module cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000820.00CVE-2014-7870
10/06/20143.53.4Drupal Context Form Alteration module cross site scriptingContent Management SystemNot DefinedOfficial Fix0.000820.00CVE-2014-7869
09/25/20124.34.1Drupal FAQ cross site scriptingContent Management SystemNot DefinedOfficial Fix0.003410.00CVE-2012-1646

133 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!