Drupal Releases Security Updates – Third-party library CKEditor

The Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations. Vulnerabilities

Read more

Drupal File Module Cross-Site Scripting Vulnerability [CVE-2019-6341]

CVE Number – CVE-2019-6341 A vulnerability in File module/subsystem of Drupal could allow an authenticated, remote attacker to conduct a cross-site scripting

Read more

Drupal EU Cookie Compliance module cross-site scripting vulnerability

This module addresses the General Data Protection Regulation (GDPR) that came into effect 25th May 2018, and the EU Directive

Read more

Drupal PHP built-in phar Stream Wrapper Remote Code Execution Vulnerability [CVE-2019-6339]

CVE Number – CVE-2019-6339 A vulnerability in the PHP built-in phar stream wrapper used in Drupal could allow an authenticated, remote attacker

Read more

Drupal core PEAR Archive_Tar Library Vulnerability [CVE-2019-6338]

CVE Number – CVE-2019-6338 A vulnerability in the Drupal core PEAR Archive_Tar library of Drupal Core could allow an authenticated, remote attacker

Read more

New Attacks Targeting Drupal Websites

A new attack methodology has been identified which involves the Dirty COW and Drupalgeddon 2 vulnerabilities present in unpatched Drupal

Read more

Drupal Remote Code Execution Vulnerability [CVE-2018-7602]

A vulnerability in multiple subsystems of Drupal could allow an authenticated, remote attacker to execute arbitrary code on a targeted

Read more

Muhstik Botnet

Muhstik is a botnet that uses compromised websites to launch distributed denial-of-service (DDoS) attacks and install cryptocurrency mining malware. The

Read more

Drupalgeddon 3 – Remote Code Execution Vulnerability in Drupal

On 25 April 2018 Drupal, the web content management system providers, released a security patch. Within hours of releasing this

Read more

Drupal Remote Code Execution Vulnerability [CVE-2018-7600]

A vulnerability in multiple subsystems of Drupal could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted

Read more
%d bloggers like this: