webform_multiple_file_upload_project 漏洞与 CVE 列表(2)

产品(CPE): — CVE 数: 2

webform_multiple_file_upload_project 漏洞概览

webform_multiple_file_upload_project 相关的公开 CVE 漏洞与安全风险信息,提供 CVSS、EPSS、公开时间与漏洞情报数据,帮助评估潜在风险与修复优先级。

漏洞分布趋势(近 24 个月)

显示 122 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2025-12848 Webform Multiple File Upload module for Drupal 7.x contains a cross-site scripting (XSS) vulnerability in the file name renderer. An unauthenticated attacker can exploit this vulnerability by uploading a file with a malicious filename containing JavaScript code (e.g., "<img src=1 onerror=alert(document.domain)>") to a Webform node with a Multifile field where file type validation is disabled. This allows the execution of arbitrary scripts in the context of the victim's browser. The issue is pr [email protected] 7.0 0.29% 2025-11-25 2026-06-17
CVE-2015-4379 Cross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of certain users for requests that delete files via unspecified vectors. [email protected] 6.8 0.74% 2015-06-15 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence