Exposición de Drupal
CMS259
score de exposición
100.544
sitios usan
4
en explotación
8
críticos
CVEs
84 resultadosCVE-2010-2472—Locale module and dependent contributed modules in Drupal 6.x before 6.16 and 5.x before version 5.22 do not sanitize the display of languagEPSS 0.8%CVE-2025-41240CRITICALMounted Kubernetes Secrets under a predictable path located within the web server document rootEPSS 0.7%CVE-2020-13663—Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, whichEPSS 0.7%CVE-2020-13688—Cross-site scripting vulnerability in l Drupal Core allows an attacker could leverage the way that HTML is rendered for affected forms in orEPSS 0.7%CVE-2024-13258CRITICALDrupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022EPSS 0.6%CVE-2022-26493CRITICALminiOrange SAML Authentication BypassEPSS 0.5%CVE-2024-31247MEDIUMWordPress FG Drupal to WordPress plugin <= 3.70.3 - Sensitive Data Exposure via Log File vulnerabilityEPSS 0.5%CVE-2025-31674HIGHDrupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003EPSS 0.5%CVE-2024-11941HIGHDrupal core - Moderately critical - Denial of Service - SA-CORE-2024-001EPSS 0.4%CVE-2025-3062MEDIUMDrupal Admin LTE theme - Critical - Unsupported - SA-CONTRIB-2025-010EPSS 0.4%CVE-2025-31675MEDIUMDrupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004EPSS 0.4%CVE-2024-55634HIGHDrupal core - Moderately critical - Access bypass - SA-CORE-2024-004EPSS 0.4%CVE-2026-6366MEDIUMDrupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002EPSS 0.4%CVE-2026-1556MEDIUMInformation disclosure via file URI overwrite in File (Field) PathsEPSS 0.4%CVE-2024-11942MEDIUMDrupal core - Moderately critical - Improper error handling - SA-CORE-2024-002EPSS 0.4%CVE-2024-13310MEDIUMGit Utilities for Drupal - Critical - Unsupported - SA-CONTRIB-2024-074EPSS 0.4%CVE-2025-47707HIGHEnterprise MFA - TFA for Drupal - Moderately critical - Access bypass - SA-CONTRIB-2025-053EPSS 0.4%CVE-2025-47710HIGHEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-056EPSS 0.3%CVE-2024-12393MEDIUMDrupal core - Moderately critical - Cross Site Scripting - SA-CORE-2024-003EPSS 0.3%CVE-2024-55635MEDIUMDrupal core - Critical - Cross Site Scripting - SA-CORE-2024-005EPSS 0.3%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →