Drupal 漏洞

时间轴

类型

Content Management System	144
Project Management Software	12
Feedback Software	2

产品

Drupal Content Construction Kit	6
Drupal Shindig-Integrator	4
Drupal Custom Search module	4
Drupal Ubercart Module	4
Drupal Views	4

修正

Official Fix	132
Temporary Fix	0
Workaround	0
Unavailable	8
Not Defined	18

易受攻击性

High	56
Functional	0
Proof-of-Concept	44
Unproven	12
Not Defined	46

访问向量

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	158

身份验证

Not Defined	0
High	0
Low	52
None	106

用户交互

Not Defined	0
Required	102
None	56

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	32
≤5	62
≤6	10
≤7	28
≤8	20
≤9	0
≤10	6

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	46
≤5	52
≤6	30
≤7	24
≤8	0
≤9	4
≤10	2

VulDB

≤1	0
≤2	0
≤3	0
≤4	32
≤5	60
≤6	10
≤7	30
≤8	20
≤9	0
≤10	6

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	2
≤9	0
≤10	0

CNA

≤1	2
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	4
<2k	102
<5k	52
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

本日攻击

<1k	158
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

攻击市场容量

🔴 CTI 活动

Affected Products (114): Acidfree (1), Administrator (1), Aggregation module (3), Ajax Checklist (2), Archive Module (1), Atom Module (1), BUEditor (1), Bibliography Module (2), BlueMasters (1), Brilliant Gallery (2), CCK comment reference (1), CMS (6), Chatroom Module (2), Comment Mail (1), Comment Upload Module (1), Commons (1), Content Construction Kit (3), Context Form Alteration module (1), Counter module (1), Custom Search module (2), Cvs Management And Tracker (1), Database Administration Module (2), Devel module (1), Doubleclick for Publishers (1), Drupal Pathauto Module (1), Drupal Project Issue Tracking (2), Drupal Pubcookie Module (1), E-Commerce Module (1), E-Publish (2), Easylinks Module (2), Entity API module (1), EveryBlog (4), Extended Tracker (1), FAQ (1), Feature Module (1), Feedapi Mapper (1), Fileshare module (1), Form Mail Module (1), Forward module (1), Header Image (1), Help Tip module (2), Imce Module (2), Internationalization (2), Job Search (1), Link module (1), Link to Us (1), Localization client (2), Localizer (1), LoginToboggan module (2), MAYO (1), Maestro (1), Magic Tabs module (1), Mailhandler (1), Mailsave (1), Mediafield Module (1), Meta Tags Module (1), Modal Frame (1), MySite (1), NewsFlash (1), News Page (1), Nivo Slider (1), Node Clone (1), Node Hierarchy module (1), Nodeaccess Userreference (1), Nodefamily (1), Nodequeue (1), OpenID (1), Organic Groups Menu (1), Organic Groups Module (2), Outline Designer module (1), Paypal Node Module (1), Petition Node module (1), Plus1 (1), Print (5), Print module (1), Professional theme (1), Project (1), Project Issue File Review (1), Project Issue Tracking Module (3), Project Issue Tracking module (2), Project issue tracking module (1), Protected Node module (1), Quiz (1), Randomizer (1), Search Keyword Module (1), Secure Site Module (2), Semantically Interconnected Online Communities (1), Services Module For Drupal (1), Shindig-Integrator (3), Shoutbox (1), SimpleCorp (1), Site Profile Directory Module (1), Skeleton theme (1), Stock Module (1), Suggested Terms module (1), Talk (2), Tasklist (1), Taxonomy Autotagger module (2), Taxonomy Image module (1), Taxonomy Theme module (1), Taxonomy manager (1), Tinytax Taxonomy Block Module (1), TrailScout module (2), Tribune (1), Ubercart Module (3), User Karma module (2), Userpoints Module (1), Userreview module (1), Views (2), Views Bulk Operations (1), Webform Module (1), Workflow (1), Zen (1), linkchecker (1)

Link to Vendor Website: https://www.drupal.org/

已发布	Base	Temp	漏洞	Prod	易	修正	EPSS	CTI	CVE
2018-04-10	5.4	5.1	Drupal Entity API module Access Restriction 权限升级	Content Management System	Not Defined	Official Fix	0.00224	0.00	CVE-2014-1400
2017-08-16	8.0	7.7	Drupal CMS 权限升级	Content Management System	Not Defined	Official Fix	0.01090	0.02	CVE-2017-6925
2017-08-16	4.6	4.5	Drupal CMS REST API 权限升级	Content Management System	Not Defined	Official Fix	0.00953	0.03	CVE-2017-6924
2017-08-16	4.3	4.2	Drupal CMS Ajax Endpoint 权限升级	Content Management System	Not Defined	Official Fix	0.00155	0.00	CVE-2017-6923
2015-04-21	4.3	4.1	Drupal Administrator 跨网站请求伪造	Content Management System	Not Defined	Official Fix	0.00160	0.00	CVE-2015-3351
2014-11-12	4.3	4.1	Drupal Organic Groups Menu Administration Page 权限升级	Content Management System	Not Defined	Official Fix	0.00120	0.00	CVE-2014-8734
2014-10-16	4.3	4.0	Drupal Modal Frame 跨网站脚本	Content Management System	High	Official Fix	0.00220	0.02	CVE-2014-8296
2014-10-14	4.3	4.1	Drupal Project Issue File Review 跨网站脚本	Feedback Software	Not Defined	Official Fix	0.00140	0.00	CVE-2014-8765
2014-10-13	3.5	3.4	Drupal Doubleclick for Publishers 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-8748
2014-10-13	4.3	4.1	Drupal Commons Commons Module 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00265	0.00	CVE-2014-8747
2014-10-13	3.5	3.4	Drupal Skeleton theme 跨网站脚本	Content Management System	High	Official Fix	0.00102	0.00	CVE-2014-8746
2014-10-13	3.5	3.4	Drupal Custom Search module Search Module 跨网站脚本	Content Management System	High	Official Fix	0.00111	0.00	CVE-2014-8745
2014-10-13	3.5	3.4	Drupal Nivo Slider 跨网站脚本	Content Management System	High	Official Fix	0.00111	0.02	CVE-2014-8744
2014-10-13	3.5	3.4	Drupal Maestro 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00111	0.02	CVE-2014-8743
2014-10-09	3.5	3.4	Drupal MAYO MAYO Theme 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8079
2014-10-09	3.5	3.4	Drupal Print 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8078
2014-10-09	3.5	3.4	Drupal NewsFlash 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00116	0.00	CVE-2014-8077
2014-10-09	3.5	3.4	Drupal Professional theme 跨网站脚本	Content Management System	High	Official Fix	0.00102	0.00	CVE-2014-8076
2014-10-09	3.5	3.5	Drupal Tribune 跨网站脚本	Content Management System	Not Defined	Not Defined	0.00120	0.00	CVE-2014-8075
2014-10-08	3.5	3.4	Drupal Zen template.php 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00089	0.00	CVE-2014-7980
2014-10-08	3.5	3.4	Drupal SimpleCorp 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00111	0.00	CVE-2014-7979
2014-10-08	3.5	3.4	Drupal BlueMasters 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00111	0.00	CVE-2014-7978
2014-10-06	3.5	3.4	Drupal Custom Search module Search Module 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-7870
2014-10-06	3.5	3.4	Drupal Context Form Alteration module 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00082	0.00	CVE-2014-7869
2012-09-25	4.3	4.1	Drupal FAQ 跨网站脚本	Content Management System	Not Defined	Official Fix	0.00341	0.02	CVE-2012-1646

133 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 133 results.

◂ 上一步一览下一步 ▸

Interested in the pricing of exploits?

See the underground prices here!