news aggregator
- Advisory ID: DRUPAL-SA-2008-026
- Project: Drupal core
- Version: 6.x
- Date: 2008-April-09
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass
read more
- Advisory ID: DRUPAL-SA-2008-025
- Project: Simple access (third-party module)
- Version: 5.x-1.*
- Date: 2008-April-09
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass
read more
- Advisory ID: DRUPAL-SA-2008-024
- Project: Webform (third-party module)
- Version: 5.x, 6.x
- Date: 2008-April-03
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
read more
- Advisory ID: DRUPAL-SA-2008-023
- Project: Ubercart (third-party module)
- Version: 5.x
- Date: 2008-April-02
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
read more
- Advisory ID: DRUPAL-SA-2008-022
- Project: Flickr (third-party module)
- Version: 5.x, 6.x
- Date: 2008-April-02
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
read more
- Advisory ID: DRUPAL-SA-2008-021
- Project: Live (third-party module)
- Version: 5.x
- Date: 2008-March-23
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross site request forgery
read more
- Advisory ID: DRUPAL-SA-2008-020
- Project: Ubercart (third-party module)
- Version: 5.x
- Date: 2008-March-12
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
read more
- Advisory ID: DRUPAL-SA-2008-019
- Project: Refine by Taxonomy (third-party module)
- Version: 5.x
- Date: 2008-March-05
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
read more
- Advisory ID: DRUPAL-SA-2008-018
- Project: Drupal core
- Version: 6.0
- Date: 2008-February-27
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Multiple cross site scripting vulnerabilities
read more
- Advisory ID: DRUPAL-SA-2008-017
- Project: Header image (third-party module)
- Version: 5.x-1.0
- Date: 2008-February-13
- Security risk: Not critical
- Exploitable from: Remote
- Vulnerability: Access bypass
read more
- Advisory ID: DRUPAL-SA-2008-016
- Project: OpenID (third-party module)
- Version: 5.x-1.0
- Date: 2007-January-30
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Identity impersonation
read more
- Advisory ID: DRUPAL-SA-2008-015
- Project: Comment upload (third-party module)
- Version: 4.7.x, 5.x
- Date: 2007-January-30
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Arbitrary file upload
read more
- Advisory ID: DRUPAL-SA-2008-014
- Project: Userpoints (third-party module)
- Version: 4.7.x, 5.x-2.x, 5.x-3.x
- Date: 2008-January-30
- Security risk: Not critical
- Exploitable from: Remote
- Vulnerability: Cross site request forgery
read more
- Advisory ID: DRUPAL-SA-2008-013
- Project: Project issue tracking (third-party module)
- Version: 4.7.x-1.x, 4.7.x-2.x, 5.x-1.x, 5.x-2.x
- Date: 2007-January-30
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Arbitrary file upload
read more
- Advisory ID: DRUPAL-SA-2008-012
- Project: Project issue tracking (third-party module)
- Version: 4.7.x-1.x, 4.7.x-2.x, 5.x-1.x, 5.x-2.x
- Date: 2007-January-30
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross-site scripting (XSS)
read more
- Advisory ID: DRUPAL-SA-2008-011
- Project: Secure Site (third-party module)
- Version: 5.x-1.0, 4.7.x-1.0
- Date: 2008-January-30
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass
read more
- Advisory ID: DRUPAL-SA-2008-010
- Project: Archive (third-party module)
- Version: 5.x
- Date: 2008-January-23
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
read more
- Advisory ID: DRUPAL-SA-2008-009
- Project: Workflow (third-party module)
- Version: 4.7.x, 5.x
- Date: 2008-January-23
- Security risk: Not critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
read more
- Advisory ID: DRUPAL-SA-2008-008
- Project: Meta tags / Nodewords (third-party module)
- Version: 5.x-1.6
- Date: 2007-January-14
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Arbitrary code execution
read more
- Advisory ID: DRUPAL-SA-2008-007
- Project: Drupal core
- Version: 4.7.x, 5.x
- Date: 2008-January-10
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting when register_globals is enabled.
read more
|
