| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4553)
|
CVE-2012-4553
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4554)
|
CVE-2012-4554
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5651)
|
CVE-2012-5651
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0246)
|
CVE-2013-0246
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-1476)
|
CVE-2014-1476
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5020)
|
CVE-2014-5020
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-5267)
|
CVE-2014-5267
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9015)
|
CVE-2014-9015
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7570)
|
CVE-2016-7570
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7572)
|
CVE-2016-7572
CWE-264
|
CWE-264
|
Medium
|
|
Drupal Resource Management Errors Vulnerability (CVE-2013-0316)
|
CVE-2013-0316
|
|
Medium
|
|
Drupal Resource Management Errors Vulnerability (CVE-2014-5265)
|
CVE-2014-5265
|
|
Medium
|
|
Drupal Resource Management Errors Vulnerability (CVE-2014-5266)
|
CVE-2014-5266
|
|
Medium
|
|
Drupal Session Fixation Vulnerability (CVE-2008-3222)
|
CVE-2008-3222
CWE-384
|
CWE-384
|
Medium
|
|
Drupal trusted_host_patterns setting not configured
|
CWE-16
|
CWE-16
|
Medium
|
|
Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-6931)
|
CVE-2017-6931
CWE-434
|
CWE-434
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-2471)
|
CVE-2010-2471
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2749)
|
CVE-2015-2749
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2750)
|
CVE-2015-2750
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)
|
CVE-2015-7943
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-9451)
|
CVE-2016-9451
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932)
|
CVE-2017-6932
CWE-601
|
CWE-601
|
Medium
|
|
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662)
|
CVE-2020-13662
CWE-601
|
CWE-601
|
Medium
|
|
Drupal Views module information disclosure vulnerability
|
CWE-200
|
CWE-200
|
Medium
|
|
DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325)
|
CVE-2014-5325
CWE-200
|
CWE-200
|
Medium
|
|
DWR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5326)
|
CVE-2014-5326
CWE-707
|
CWE-707
|
Medium
|
|
e107 Credentials Management Errors Vulnerability (CVE-2013-7305)
|
CVE-2013-7305
|
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5084)
|
CVE-2010-5084
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)
|
CVE-2011-4947
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6433)
|
CVE-2012-6433
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)
|
CVE-2012-6434
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)
|
CVE-2017-8098
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127)
|
CVE-2018-11127
CWE-352
|
CWE-352
|
Medium
|
|
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
|
CVE-2018-17081
CWE-352
|
CWE-352
|
Medium
|
|
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
|
CVE-2011-3731
CWE-200
|
CWE-200
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0857)
|
CVE-2006-0857
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6208)
|
CVE-2008-6208
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444)
|
CVE-2009-3444
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)
|
CVE-2009-4083
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4757)
|
CVE-2010-4757
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0457)
|
CVE-2011-0457
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920)
|
CVE-2011-4920
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3843)
|
CVE-2012-3843
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2750)
|
CVE-2013-2750
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1041)
|
CVE-2015-1041
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1057)
|
CVE-2015-1057
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-11734)
|
CVE-2018-11734
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16381)
|
CVE-2018-16381
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17423)
|
CVE-2018-17423
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36121)
|
CVE-2023-36121
CWE-707
|
CWE-707
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-2416)
|
CVE-2006-2416
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5320)
|
CVE-2008-5320
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1409)
|
CVE-2009-1409
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4921)
|
CVE-2011-4921
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4946)
|
CVE-2011-4946
CWE-138
|
CWE-138
|
Medium
|
|
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16389)
|
CVE-2018-16389
CWE-138
|
CWE-138
|
Medium
|
|
e107 Other Vulnerability (CVE-2003-1191)
|
CVE-2003-1191
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2028)
|
CVE-2004-2028
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2031)
|
CVE-2004-2031
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2039)
|
CVE-2004-2039
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2040)
|
CVE-2004-2040
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2004-2262)
|
CVE-2004-2262
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-2327)
|
CVE-2005-2327
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-2805)
|
CVE-2005-2805
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-3594)
|
CVE-2005-3594
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2005-4051)
|
CVE-2005-4051
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-0682)
|
CVE-2006-0682
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-2590)
|
CVE-2006-2590
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-2591)
|
CVE-2006-2591
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-3259)
|
CVE-2006-3259
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-4757)
|
CVE-2006-4757
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2006-4794)
|
CVE-2006-4794
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2007-3429)
|
CVE-2007-3429
|
|
Medium
|
|
e107 Other Vulnerability (CVE-2010-0996)
|
CVE-2010-0996
|
|
Medium
|
|
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020)
|
CVE-2008-2020
CWE-264
|
CWE-264
|
Medium
|
