Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-13243
Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This issue affects Entity Delete Log: from 0.0.0 before 1.1.1.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13244
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate Tools allows Cross Site Request Forgery.This issue affects Migrate Tools: from 0.0.0 before 6.0.3.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-01-09
CVE-2024-13245
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal CKEditor 4 LTS - WYSIWYG HTML editor allows Cross-Site Scripting (XSS).This issue affects CKEditor 4 LTS - WYSIWYG HTML editor: from 1.0.0 before 1.0.1.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13246
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild Progressive: from 0.0.0 before 2.0.2.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13247
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Coffee allows Cross-Site Scripting (XSS).This issue affects Coffee: from 0.0.0 before 1.4.0.
CVSS Score
4.8
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13248
Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13249
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild Progressive: from 7.X-1.0 before 7.X-1.2.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13250
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Drupal Symfony Mailer Lite allows Cross Site Request Forgery.This issue affects Drupal Symfony Mailer Lite: from 0.0.0 before 1.0.6.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-01-09
CVE-2024-13237
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal File Entity (fieldable files) allows Cross-Site Scripting (XSS).This issue affects File Entity (fieldable files): from 7.X-* before 7.X-2.38.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13238
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Typogrify allows Cross-Site Scripting (XSS).This issue affects Typogrify: from 0.0.0 before 1.3.0.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved