Security News > 2019 > February > Critical Drupal Vulnerability Allows Remote Code Execution

Critical Drupal Vulnerability Allows Remote Code Execution

2019-02-21 06:26

Security updates released on Wednesday for the Drupal content management system (CMS) patch a “highly critical” vulnerability that can be exploited for remote code execution. read more

News URL

http://feedproxy.google.com/~r/Securityweek/~3/DF6HsLR5_cY/critical-drupal-vulnerability-allows-remote-code-execution

#codeexecution #critical #drupal #vulnerability

Related news

Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Drupal		15	0	66	45	14	125

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.