9.8

CVSS3.1

CVE-2024-13264 - Opigno module - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-028

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno module allows PHP Local File Inclusion.This issue affects Opigno module: from 0.0.0 before 3.1.2.

๐Ÿ“… Published: Jan. 9, 2025, 7:15 p.m. ๐Ÿ”„ Last Modified: Aug. 27, 2025, 7:49 p.m.

5.5

CVSS3.1

CVE-2024-13263 - Opigno group manager - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-027

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion.This issue affects Opigno group manager: from 0.0.0 before 3.1.1.

๐Ÿ“… Published: Jan. 9, 2025, 7:15 p.m. ๐Ÿ”„ Last Modified: Aug. 27, 2025, 7:50 p.m.

4.8

CVSS3.1

CVE-2024-13262 - View Password - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-026

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal View Password allows Cross-Site Scripting (XSS).This issue affects View Password: from 0.0.0 before 6.0.4.

๐Ÿ“… Published: Jan. 9, 2025, 7:14 p.m. ๐Ÿ”„ Last Modified: Aug. 28, 2025, 2:49 p.m.

3.5

CVSS3.1

CVE-2024-13261 - Acquia DAM - Moderately critical - Cross Site Request Forgery, Denial of Service - SA-CONTRIB-2024-โ€ฆ

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia DAM allows Cross Site Request Forgery.This issue affects Acquia DAM: from 0.0.0 before 1.0.13, from 1.1.0 before 1.1.0-beta3.

๐Ÿ“… Published: Jan. 9, 2025, 7:14 p.m. ๐Ÿ”„ Last Modified: Aug. 27, 2025, 8:31 p.m.

8.8

CVSS3.1

CVE-2024-13260 - Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery.This issue affects Migrate queue importer: from 0.0.0 before 2.1.1.

๐Ÿ“… Published: Jan. 9, 2025, 7:12 p.m. ๐Ÿ”„ Last Modified: June 4, 2025, 3:13 p.m.

7.5

CVSS3.1

CVE-2024-13259 - Image Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal Image Sizes allows Forceful Browsing.This issue affects Image Sizes: from 0.0.0 before 3.0.2.

๐Ÿ“… Published: Jan. 9, 2025, 7:11 p.m. ๐Ÿ”„ Last Modified: June 4, 2025, 3:12 p.m.

9.8

CVSS3.1

CVE-2024-13258 - Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13.

๐Ÿ“… Published: Jan. 9, 2025, 7:05 p.m. ๐Ÿ”„ Last Modified: June 4, 2025, 3:11 p.m.

5.3

CVSS3.1

CVE-2024-13257 - Commerce View Receipt - Moderately critical - Access bypass - SA-CONTRIB-2024-021

Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing.This issue affects Commerce View Receipt: from 0.0.0 before 1.0.3.

๐Ÿ“… Published: Jan. 9, 2025, 7:04 p.m. ๐Ÿ”„ Last Modified: June 4, 2025, 3:09 p.m.

7.5

CVSS3.1

CVE-2024-13256 - Email Contact - Moderately critical - Access bypass - SA-CONTRIB-2024-020

Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful Browsing.This issue affects Email Contact: from 0.0.0 before 2.0.4.

๐Ÿ“… Published: Jan. 9, 2025, 7:03 p.m. ๐Ÿ”„ Last Modified: June 4, 2025, 3:09 p.m.

7.5

CVSS3.1

CVE-2024-13255 - RESTful Web Services - Critical - Access bypass - SA-CONTRIB-2024-019

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10.

๐Ÿ“… Published: Jan. 9, 2025, 7 p.m. ๐Ÿ”„ Last Modified: June 4, 2025, 4:25 p.m.
Total resulsts: 349182
Page 7200 of 34,919
ยซ previous page ยป next page
Filters