drupal-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rules as well as Drupal 7 specific rules.

PHP Custom Code is an experimental Drupal 10 module that provides an administration interface for adding custom PHP code blocks. These code blocks can be executed globally on every page or only on ...

Drupal patched a series of highly critical remote code execution bugs in three separate modules today that could let an attacker take over any site running the modules.

Security updates for Drupal: Malicious code attacks on web browsers possible The developers of Drupal have closed several vulnerabilities in their content management system.

The Drupal project is urging website admins to install updates immediately after disclosing a highly critical remote code execution bug affecting the Drupal core CMS.

Vulnerabilities Remote Code Execution Vulnerability Patched in Drupal Updates released on Wednesday for the Drupal content management system (CMS) patch a remote code execution vulnerability related ...

September 7th has passed and the Drupal 7 code freeze is officially on. 82 weeks of development that started in February 2008 has come and gone and now it's time to relax.Oh wait, no, you aren't ...

The security hole, designated CVE-2019-6340, is a remote-code-execution flaw caused by Drupal neglecting to properly check data from RESTful web services. A successful exploit of the vulnerability ...