Drupal Vulnerabilità

Sequenza temporale

Genere

Content Management System	148
Project Management Software	6
E-Commerce Management Software	2
Feedback Software	2

Prodotto

Drupal Print	6
Drupal Shindig-Integrator	6
Drupal CMS	6
Drupal Project Issue Tracking Module	4
Drupal Internationalization	4

Contromisure

Official Fix	130
Temporary Fix	0
Workaround	0
Unavailable	14
Not Defined	14

Sfruttabilità

High	56
Functional	0
Proof-of-Concept	38
Unproven	12
Not Defined	52

Accesso al vettore

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	158

Autenticazione

Not Defined	0
High	0
Low	62
None	96

Interazione dell'utente

Not Defined	0
Required	90
None	68

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	36
≤5	44
≤6	12
≤7	36
≤8	22
≤9	0
≤10	8

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	40
≤5	44
≤6	40
≤7	26
≤8	0
≤9	4
≤10	4

VulDB

≤1	0
≤2	0
≤3	0
≤4	36
≤5	42
≤6	10
≤7	40
≤8	22
≤9	0
≤10	8

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	4
≤8	2
≤9	0
≤10	0

CNA

≤1	4
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Fornitore

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 giorni

<1k	4
<2k	92
<5k	62
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	158
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (114): Acidfree (1), Administrator (1), Aggregation module (3), Ajax Checklist (2), Archive Module (1), Atom Module (1), BUEditor (1), Bibliography Module (2), BlueMasters (1), Brilliant Gallery (2), CCK comment reference (1), CMS (6), Chatroom Module (2), Comment Mail (1), Comment Upload Module (1), Commons (1), Content Construction Kit (3), Context Form Alteration module (1), Counter module (1), Custom Search module (2), Cvs Management And Tracker (1), Database Administration Module (2), Devel module (1), Doubleclick for Publishers (1), Drupal Pathauto Module (1), Drupal Project Issue Tracking (2), Drupal Pubcookie Module (1), E-Commerce Module (1), E-Publish (2), Easylinks Module (2), Entity API module (1), EveryBlog (4), Extended Tracker (1), FAQ (1), Feature Module (1), Feedapi Mapper (1), Fileshare module (1), Form Mail Module (1), Forward module (1), Header Image (1), Help Tip module (2), Imce Module (2), Internationalization (2), Job Search (1), Link module (1), Link to Us (1), Localization client (2), Localizer (1), LoginToboggan module (2), MAYO (1), Maestro (1), Magic Tabs module (1), Mailhandler (1), Mailsave (1), Mediafield Module (1), Meta Tags Module (1), Modal Frame (1), MySite (1), NewsFlash (1), News Page (1), Nivo Slider (1), Node Clone (1), Node Hierarchy module (1), Nodeaccess Userreference (1), Nodefamily (1), Nodequeue (1), OpenID (1), Organic Groups Menu (1), Organic Groups Module (2), Outline Designer module (1), Paypal Node Module (1), Petition Node module (1), Plus1 (1), Print (5), Print module (1), Professional theme (1), Project (1), Project Issue File Review (1), Project Issue Tracking Module (3), Project Issue Tracking module (2), Project issue tracking module (1), Protected Node module (1), Quiz (1), Randomizer (1), Search Keyword Module (1), Secure Site Module (2), Semantically Interconnected Online Communities (1), Services Module For Drupal (1), Shindig-Integrator (3), Shoutbox (1), SimpleCorp (1), Site Profile Directory Module (1), Skeleton theme (1), Stock Module (1), Suggested Terms module (1), Talk (2), Tasklist (1), Taxonomy Autotagger module (2), Taxonomy Image module (1), Taxonomy Theme module (1), Taxonomy manager (1), Tinytax Taxonomy Block Module (1), TrailScout module (2), Tribune (1), Ubercart Module (3), User Karma module (2), Userpoints Module (1), Userreview module (1), Views (2), Views Bulk Operations (1), Webform Module (1), Workflow (1), Zen (1), linkchecker (1)

Link to Vendor Website: https://www.drupal.org/

Data di pubblicazione	Base	Temp	Vulnerabilità	Prod	Sfr	Con	EPSS	CTI	CVE
10/04/2018	5.4	5.1	Drupal Entity API module Access Restriction escalazione di privilegi	Content Management System	Not Defined	Official Fix	0.00224	0.00	CVE-2014-1400
16/08/2017	8.0	7.7	Drupal CMS escalazione di privilegi	Content Management System	Not Defined	Official Fix	0.01090	0.02	CVE-2017-6925
16/08/2017	4.6	4.5	Drupal CMS REST API escalazione di privilegi	Content Management System	Not Defined	Official Fix	0.00953	0.03	CVE-2017-6924
16/08/2017	4.3	4.2	Drupal CMS Ajax Endpoint escalazione di privilegi	Content Management System	Not Defined	Official Fix	0.00155	0.00	CVE-2017-6923
21/04/2015	4.3	4.1	Drupal Administrator cross site request forgery	Content Management System	Not Defined	Official Fix	0.00160	0.00	CVE-2015-3351
12/11/2014	4.3	4.1	Drupal Organic Groups Menu Administration Page escalazione di privilegi	Content Management System	Not Defined	Official Fix	0.00120	0.00	CVE-2014-8734
16/10/2014	4.3	4.0	Drupal Modal Frame cross site scripting	Content Management System	High	Official Fix	0.00220	0.02	CVE-2014-8296
14/10/2014	4.3	4.1	Drupal Project Issue File Review cross site scripting	Feedback Software	Not Defined	Official Fix	0.00140	0.00	CVE-2014-8765
13/10/2014	3.5	3.4	Drupal Doubleclick for Publishers cross site scripting	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-8748
13/10/2014	4.3	4.1	Drupal Commons Commons Module cross site scripting	Content Management System	Not Defined	Official Fix	0.00265	0.00	CVE-2014-8747
13/10/2014	3.5	3.4	Drupal Skeleton theme cross site scripting	Content Management System	High	Official Fix	0.00102	0.00	CVE-2014-8746
13/10/2014	3.5	3.4	Drupal Custom Search module Search Module cross site scripting	Content Management System	High	Official Fix	0.00111	0.00	CVE-2014-8745
13/10/2014	3.5	3.4	Drupal Nivo Slider cross site scripting	Content Management System	High	Official Fix	0.00111	0.02	CVE-2014-8744
13/10/2014	3.5	3.4	Drupal Maestro cross site scripting	Content Management System	Not Defined	Official Fix	0.00111	0.02	CVE-2014-8743
09/10/2014	3.5	3.4	Drupal MAYO MAYO Theme cross site scripting	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8079
09/10/2014	3.5	3.4	Drupal Print cross site scripting	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8078
09/10/2014	3.5	3.4	Drupal NewsFlash cross site scripting	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8077
09/10/2014	3.5	3.4	Drupal Professional theme cross site scripting	Content Management System	High	Official Fix	0.00102	0.00	CVE-2014-8076
09/10/2014	3.5	3.5	Drupal Tribune cross site scripting	Content Management System	Not Defined	Not Defined	0.00120	0.00	CVE-2014-8075
08/10/2014	3.5	3.4	Drupal Zen template.php cross site scripting	Content Management System	Not Defined	Official Fix	0.00089	0.00	CVE-2014-7980
08/10/2014	3.5	3.4	Drupal SimpleCorp cross site scripting	Content Management System	Not Defined	Official Fix	0.00111	0.00	CVE-2014-7979
08/10/2014	3.5	3.4	Drupal BlueMasters cross site scripting	Content Management System	Not Defined	Official Fix	0.00111	0.00	CVE-2014-7978
06/10/2014	3.5	3.4	Drupal Custom Search module Search Module cross site scripting	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-7870
06/10/2014	3.5	3.4	Drupal Context Form Alteration module cross site scripting	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-7869
25/09/2012	4.3	4.1	Drupal FAQ cross site scripting	Content Management System	Not Defined	Official Fix	0.00341	0.02	CVE-2012-1646

133 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 133 results.

◂ PrecedenteVisione D'insiemeIl prossimo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!