CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-13308
Browser Back Button - Moderately critical - Cross site scripting - SA-CONTRIB-2024-072
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13304
Minify JS - Moderately critical - Cross site request forgery - SA-CONTRIB-2024-070
Description: Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request Forgery.This issue affects Minify JS: from 0.0.0 before 3.0.3.

CVSS: MEDIUM (4.5)

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13300
Print Anything - Critical - Unsupported - SA-CONTRIB-2024-066
Description: Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13299
Megamenu Framework - Critical - Unsupported - SA-CONTRIB-2024-065
Description: Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework: *.*.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13298
Tarte au Citron - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-064
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tarte au Citron allows Cross-Site Scripting (XSS).This issue affects Tarte au Citron: from 2.0.0 before 2.0.5.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13297
Eloqua - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-063
Description: Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This issue affects Eloqua: from 7.X-* before 7.X-1.15.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13296
Mailjet - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-062
Description: Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This issue affects Mailjet: from 0.0.0 before 4.0.1.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13295
Node export - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-061
Description: Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection.This issue affects Node export: from 7.X-* before 7.X-3.3.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13294
POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal POST File allows Cross-Site Scripting (XSS).This issue affects POST File: from 0.0.0 before 1.0.2.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13293
POST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059
Description: Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)