Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-13251
Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13252
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal TacJS allows Cross-Site Scripting (XSS).This issue affects TacJS: from 0.0.0 before 6.5.0.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13253
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13254
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal REST Views allows Forceful Browsing.This issue affects REST Views: from 0.0.0 before 3.0.1.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13255
Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-01-09
CVE-2024-13256
Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful Browsing.This issue affects Email Contact: from 0.0.0 before 2.0.4.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13257
Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing.This issue affects Commerce View Receipt: from 0.0.0 before 1.0.3.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13258
Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-01-09
CVE-2024-13259
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal Image Sizes allows Forceful Browsing.This issue affects Image Sizes: from 0.0.0 before 3.0.2.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13242
Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource Location Spoofing.This issue affects Swift Mailer: *.*.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved