Drupal Vulnerabilidad

Cronología

Escribe

Content Management System	146
Project Management Software	6
Photo Gallery Software	4
Feedback Software	2

Producto

Drupal CMS	10
Drupal Print	6
Drupal EveryBlog	6
Drupal Ubercart Module	4
Drupal Localization client	4

Contramedidas

Official Fix	136
Temporary Fix	0
Workaround	0
Unavailable	12
Not Defined	10

Explotabilidad

High	66
Functional	0
Proof-of-Concept	44
Unproven	10
Not Defined	38

Vector de acceso

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	158

Autenticación

Not Defined	0
High	0
Low	58
None	100

La interacción del usuario

Not Defined	0
Required	96
None	62

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	42
≤5	48
≤6	16
≤7	14
≤8	30
≤9	0
≤10	8

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	52
≤5	46
≤6	22
≤7	26
≤8	4
≤9	4
≤10	4

VulDB

≤1	0
≤2	0
≤3	0
≤4	42
≤5	46
≤6	14
≤7	20
≤8	28
≤9	0
≤10	8

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	4
≤8	2
≤9	0
≤10	2

CNA

≤1	4
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	2
<2k	104
<5k	52
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar hoy

<1k	158
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (114): Acidfree (1), Administrator (1), Aggregation module (3), Ajax Checklist (2), Archive Module (1), Atom Module (1), BUEditor (1), Bibliography Module (2), BlueMasters (1), Brilliant Gallery (2), CCK comment reference (1), CMS (6), Chatroom Module (2), Comment Mail (1), Comment Upload Module (1), Commons (1), Content Construction Kit (3), Context Form Alteration module (1), Counter module (1), Custom Search module (2), Cvs Management And Tracker (1), Database Administration Module (2), Devel module (1), Doubleclick for Publishers (1), Drupal Pathauto Module (1), Drupal Project Issue Tracking (2), Drupal Pubcookie Module (1), E-Commerce Module (1), E-Publish (2), Easylinks Module (2), Entity API module (1), EveryBlog (4), Extended Tracker (1), FAQ (1), Feature Module (1), Feedapi Mapper (1), Fileshare module (1), Form Mail Module (1), Forward module (1), Header Image (1), Help Tip module (2), Imce Module (2), Internationalization (2), Job Search (1), Link module (1), Link to Us (1), Localization client (2), Localizer (1), LoginToboggan module (2), MAYO (1), Maestro (1), Magic Tabs module (1), Mailhandler (1), Mailsave (1), Mediafield Module (1), Meta Tags Module (1), Modal Frame (1), MySite (1), NewsFlash (1), News Page (1), Nivo Slider (1), Node Clone (1), Node Hierarchy module (1), Nodeaccess Userreference (1), Nodefamily (1), Nodequeue (1), OpenID (1), Organic Groups Menu (1), Organic Groups Module (2), Outline Designer module (1), Paypal Node Module (1), Petition Node module (1), Plus1 (1), Print (5), Print module (1), Professional theme (1), Project (1), Project Issue File Review (1), Project Issue Tracking Module (3), Project Issue Tracking module (2), Project issue tracking module (1), Protected Node module (1), Quiz (1), Randomizer (1), Search Keyword Module (1), Secure Site Module (2), Semantically Interconnected Online Communities (1), Services Module For Drupal (1), Shindig-Integrator (3), Shoutbox (1), SimpleCorp (1), Site Profile Directory Module (1), Skeleton theme (1), Stock Module (1), Suggested Terms module (1), Talk (2), Tasklist (1), Taxonomy Autotagger module (2), Taxonomy Image module (1), Taxonomy Theme module (1), Taxonomy manager (1), Tinytax Taxonomy Block Module (1), TrailScout module (2), Tribune (1), Ubercart Module (3), User Karma module (2), Userpoints Module (1), Userreview module (1), Views (2), Views Bulk Operations (1), Webform Module (1), Workflow (1), Zen (1), linkchecker (1)

Link to Vendor Website: https://www.drupal.org/

Fecha de publicación	Base	Temp	Vulnerabilidad	Prod	Exp	Con	EPSS	CTI	CVE
2018-04-10	5.4	5.1	Drupal Entity API module Access Restriction escalada de privilegios	Content Management System	Not Defined	Official Fix	0.00224	0.00	CVE-2014-1400
2017-08-16	8.0	7.7	Drupal CMS escalada de privilegios	Content Management System	Not Defined	Official Fix	0.01090	0.02	CVE-2017-6925
2017-08-16	4.6	4.5	Drupal CMS REST API escalada de privilegios	Content Management System	Not Defined	Official Fix	0.00953	0.03	CVE-2017-6924
2017-08-16	4.3	4.2	Drupal CMS Ajax Endpoint escalada de privilegios	Content Management System	Not Defined	Official Fix	0.00155	0.00	CVE-2017-6923
2015-04-21	4.3	4.1	Drupal Administrator cross site request forgery	Content Management System	Not Defined	Official Fix	0.00160	0.00	CVE-2015-3351
2014-11-12	4.3	4.1	Drupal Organic Groups Menu Administration Page escalada de privilegios	Content Management System	Not Defined	Official Fix	0.00120	0.00	CVE-2014-8734
2014-10-16	4.3	4.0	Drupal Modal Frame cross site scripting	Content Management System	High	Official Fix	0.00220	0.02	CVE-2014-8296
2014-10-14	4.3	4.1	Drupal Project Issue File Review cross site scripting	Feedback Software	Not Defined	Official Fix	0.00140	0.00	CVE-2014-8765
2014-10-13	3.5	3.4	Drupal Doubleclick for Publishers cross site scripting	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-8748
2014-10-13	4.3	4.1	Drupal Commons Commons Module cross site scripting	Content Management System	Not Defined	Official Fix	0.00265	0.00	CVE-2014-8747
2014-10-13	3.5	3.4	Drupal Skeleton theme cross site scripting	Content Management System	High	Official Fix	0.00102	0.00	CVE-2014-8746
2014-10-13	3.5	3.4	Drupal Custom Search module Search Module cross site scripting	Content Management System	High	Official Fix	0.00111	0.00	CVE-2014-8745
2014-10-13	3.5	3.4	Drupal Nivo Slider cross site scripting	Content Management System	High	Official Fix	0.00111	0.02	CVE-2014-8744
2014-10-13	3.5	3.4	Drupal Maestro cross site scripting	Content Management System	Not Defined	Official Fix	0.00111	0.02	CVE-2014-8743
2014-10-09	3.5	3.4	Drupal MAYO MAYO Theme cross site scripting	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8079
2014-10-09	3.5	3.4	Drupal Print cross site scripting	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8078
2014-10-09	3.5	3.4	Drupal NewsFlash cross site scripting	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8077
2014-10-09	3.5	3.4	Drupal Professional theme cross site scripting	Content Management System	High	Official Fix	0.00102	0.00	CVE-2014-8076
2014-10-09	3.5	3.5	Drupal Tribune cross site scripting	Content Management System	Not Defined	Not Defined	0.00120	0.00	CVE-2014-8075
2014-10-08	3.5	3.4	Drupal Zen template.php cross site scripting	Content Management System	Not Defined	Official Fix	0.00089	0.00	CVE-2014-7980
2014-10-08	3.5	3.4	Drupal SimpleCorp cross site scripting	Content Management System	Not Defined	Official Fix	0.00111	0.00	CVE-2014-7979
2014-10-08	3.5	3.4	Drupal BlueMasters cross site scripting	Content Management System	Not Defined	Official Fix	0.00111	0.00	CVE-2014-7978
2014-10-06	3.5	3.4	Drupal Custom Search module Search Module cross site scripting	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-7870
2014-10-06	3.5	3.4	Drupal Context Form Alteration module cross site scripting	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-7869
2012-09-25	4.3	4.1	Drupal FAQ cross site scripting	Content Management System	Not Defined	Official Fix	0.00341	0.02	CVE-2012-1646

133 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 133 results.

◂ AnteriorVisión De ConjuntoPróximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!