Exposição de Drupal
CMS259
score de exposição
100.544
sites usam
4
em exploração
8
críticos
CVEs
84 resultadosCVE-2025-12848HIGHXSS vulnerability when rendering filename in Webform MultiformEPSS 0.3%CVE-2026-0750HIGHPayment bypass in Commerce PayboxEPSS 0.3%CVE-2026-3216MEDIUMDrupal Canvas - Moderately critical - Server-side request forgery, Information disclosure - SA-CONTRIB-2026-017EPSS 0.3%CVE-2025-13080MEDIUMDrupal core - Moderately critical - Denial of Service - SA-CORE-2025-005EPSS 0.3%CVE-2024-24837MEDIUMCross-Site Request Forgery (CSRF) vulnerability in FG PrestaShop, FG Drupal and FG Joomla WordPress pluginsEPSS 0.3%CVE-2025-31673MEDIUMDrupal core - Moderately critical - Access bypass - SA-CORE-2025-002EPSS 0.3%CVE-2025-3057MEDIUMDrupal core - Critical - Cross site scripting - SA-CORE-2025-001EPSS 0.3%CVE-2025-3739MEDIUMDrupal 8 Google Optimize Hide Page - Critical - Unsupported - SA-CONTRIB-2025-040EPSS 0.3%CVE-2025-13083LOWDrupal core - Moderately critical - Information disclosure - SA-CORE-2025-008EPSS 0.2%CVE-2026-6365MEDIUMDrupal core - Critical - Cross-site scripting - SA-CORE-2026-001EPSS 0.2%CVE-2026-8492LOWTranslate Drupal with GTranslate - Less critical - DOM clobbering / link manipulation - SA-CONTRIB-2026-035EPSS 0.2%CVE-2025-47706MEDIUMEnterprise MFA - TFA for Drupal - Moderately critical - Access bypass - SA-CONTRIB-2025-052EPSS 0.2%CVE-2025-7716MEDIUMReal-time SEO for Drupal - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-091EPSS 0.2%CVE-2025-13081MEDIUMDrupal core - Moderately critical - Gadget chain - SA-CORE-2025-006EPSS 0.2%CVE-2025-47709MEDIUMEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-055EPSS 0.2%CVE-2026-0749MEDIUMCross-Site Scripting Vulnerability in Drupal Form Builder ModuleEPSS 0.2%CVE-2025-6675MEDIUMEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-082EPSS 0.2%CVE-2026-6367MEDIUMDrupal core - Moderately critical - Cross-site scripting - SA-CORE-2026-003EPSS 0.2%CVE-2025-48294MEDIUMWordPress FG Drupal to WordPress plugin <= 3.90.0 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2025-11570MEDIUMVersions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting (XSS) due to insufficieEPSS 0.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →