| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5597)
|
CVE-2007-5597
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2771)
|
CVE-2008-2771
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3742)
|
CVE-2008-3742
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3745)
|
CVE-2008-3745
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4789)
|
CVE-2008-4789
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4790)
|
CVE-2008-4790
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4791)
|
CVE-2008-4791
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4792)
|
CVE-2008-4792
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3092)
|
CVE-2010-3092
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3093)
|
CVE-2010-3093
CWE-264
|
CWE-264
|
Low
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2687)
|
CVE-2011-2687
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0827)
|
CVE-2012-0827
CWE-264
|
CWE-264
|
Low
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1590)
|
CVE-2012-1590
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1591)
|
CVE-2012-1591
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2153)
|
CVE-2012-2153
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4553)
|
CVE-2012-4553
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4554)
|
CVE-2012-4554
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5651)
|
CVE-2012-5651
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0245)
|
CVE-2013-0245
CWE-264
|
CWE-264
|
Low
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0246)
|
CVE-2013-0246
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-1476)
|
CVE-2014-1476
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5020)
|
CVE-2014-5020
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5267)
|
CVE-2014-5267
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9015)
|
CVE-2014-9015
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3169)
|
CVE-2016-3169
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)
|
CVE-2016-6211
CWE-264
|
CWE-264
|
High
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7570)
|
CVE-2016-7570
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7572)
|
CVE-2016-7572
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2022-29248)
|
CVE-2022-29248
CWE-565
|
CWE-565
|
High
|
|
Drupal Remote Code Execution (SA-CORE-2018-002)
|
CVE-2018-7600
CWE-94
|
CWE-94
|
High
|
|
Drupal Remote Code Execution (SA-CORE-2018-004)
|
CVE-2018-7602
CWE-94
|
CWE-94
|
High
|
|
Drupal Remote Code Execution Vulnerability (CVE-2020-13671)
|
CVE-2020-13671
|
|
High
|
|
Drupal Resource Management Errors Vulnerability (CVE-2012-1588)
|
CVE-2012-1588
|
|
Low
|
|
Drupal Resource Management Errors Vulnerability (CVE-2013-0316)
|
CVE-2013-0316
|
|
Medium
|
|
Drupal Resource Management Errors Vulnerability (CVE-2014-5265)
|
CVE-2014-5265
|
|
Medium
|
|
Drupal Resource Management Errors Vulnerability (CVE-2014-5266)
|
CVE-2014-5266
|
|
Medium
|
|
Drupal REST Remote Code Execution
|
CVE-2019-6340
CWE-78
|
CWE-78
|
High
|
|
Drupal Session Fixation Vulnerability (CVE-2008-3222)
|
CVE-2008-3222
CWE-384
|
CWE-384
|
Medium
|
|
Drupal trusted_host_patterns setting not configured
|
CWE-16
|
CWE-16
|
Medium
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-6931)
|
CVE-2017-6931
CWE-434
|
CWE-434
|
Medium
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13675)
|
CVE-2020-13675
CWE-434
|
CWE-434
|
Critical
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277)
|
CVE-2022-25277
CWE-434
|
CWE-434
|
High
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-2471)
|
CVE-2010-2471
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2749)
|
CVE-2015-2749
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2750)
|
CVE-2015-2750
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)
|
CVE-2015-7943
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-9451)
|
CVE-2016-9451
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932)
|
CVE-2017-6932
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662)
|
CVE-2020-13662
CWE-601
|
CWE-601
|
Medium
|
|
Drupal Views module information disclosure vulnerability
|
CWE-200
|
CWE-200
|
Medium
|
|
DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325)
|
CVE-2014-5325
CWE-200
|
CWE-200
|
Medium
|
|
DWR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5326)
|
CVE-2014-5326
CWE-707
|
CWE-707
|
Medium
|
|
e107 Credentials Management Errors Vulnerability (CVE-2013-7305)
|
CVE-2013-7305
|
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5084)
|
CVE-2010-5084
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)
|
CVE-2011-4947
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6433)
|
CVE-2012-6433
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)
|
CVE-2012-6434
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)
|
CVE-2017-8098
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127)
|
CVE-2018-11127
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)
|
CVE-2018-15901
CWE-352
|
CWE-352
|
High
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
|
CVE-2018-17081
CWE-352
|
CWE-352
|
Medium
|
|
e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753)
|
CVE-2016-10753
CWE-502
|
CWE-502
|
High
|
|
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
|
CVE-2011-3731
CWE-200
|
CWE-200
|
Medium
|
|
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
|
CVE-2008-1989
CWE-94
|
CWE-94
|
Critical
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0857)
|
CVE-2006-0857
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6208)
|
CVE-2008-6208
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444)
|
CVE-2009-3444
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)
|
CVE-2009-4083
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0997)
|
CVE-2010-0997
CWE-707
|
CWE-707
|
Low
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4757)
|
CVE-2010-4757
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0457)
|
CVE-2011-0457
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920)
|
CVE-2011-4920
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3843)
|
CVE-2012-3843
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2750)
|
CVE-2013-2750
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1041)
|
CVE-2015-1041
CWE-707
|
CWE-707
|
Medium
|
