Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-2008-045 - OpenID - Multiple vulnerabilities

By heine on 9 Jul 2008 at 22:08 UTC

Advisory ID: DRUPAL-SA-2008-045
Project: OpenID (third-party module)
Version: 5.x
Date: 2008-July-9
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross site scripting, Cross site request forgeries

SA-2008-044 - Drupal core - Multiple vulnerabilities

By heine on 9 Jul 2008 at 21:24 UTC

Advisory ID: DRUPAL-SA-2008-044
Project: Drupal core
Version: 5x, 6.x
Date: 2008-July-9
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-2008-043 - Outline designer - Privilege escalation

By heine on 2 Jul 2008 at 20:56 UTC

Advisory ID: DRUPAL-SA-2008-043
Project: Outline designer (third-party module)
Version: 5.x
Date: 2008-July-2
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Privilege escalation

SA-2008-042 - Tinytax - Cross site scripting

By heine on 2 Jul 2008 at 20:51 UTC

Advisory ID: DRUPAL-SA-2008-042
Project: Tinytax taxonomy block (third-party module)
Version: 5.x
Date: 2008-July-2
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross site scripting

SA-2008-041 - Taxonomy autotagger - Multiple vulnerabilities

By heine on 2 Jul 2008 at 20:48 UTC

Advisory ID: DRUPAL-SA-2008-041
Project: Taxonomy autotagger (third-party module)
Version: 5.x
Date: 2008-July-2
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross site scripting and SQL injection

SA-2008-040 - Organic Groups - Cross site scripting and information disclosure

By moshe weitzman on 2 Jul 2008 at 20:42 UTC

Advisory ID: DRUPAL-SA-2008-040
Project: Organic Groups (third-party module)
Versions: 5.x and 6.x
Date: 2008-July-02
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross site scripting and information disclosure

SA-2008-039 - Suggested terms - Cross site scripting

By heine on 25 Jun 2008 at 18:53 UTC

Advisory ID: SA-2008-039
Project: Suggested terms (third-party module)
Versions: 5.x
Date: 2008-June-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross site scripting

SA-2008-038 - Services - Arbitrary code execution

By heine on 18 Jun 2008 at 21:50 UTC

Advisory ID: DRUPAL-SA-2008-038
Project: Services (third-party module)
Versions: 5.x and 6.x
Date: 2008-June-18
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-2008-037 - TrailScout - XSS and SQL injection

By killes@www.drop.org on 18 Jun 2008 at 21:07 UTC

Advisory ID: DRUPAL-SA-2008-037
Project: TrailScout (third-party module)
Version: 5.x
Date: 2008-June-18
Security risk: Higly critical
Exploitable from: Remote
Vulnerability: Cross site scripting and SQL injection

SA-2008-036 - Profile search - SQL Injection

By heine on 18 Jun 2008 at 15:15 UTC

Advisory ID: SA-2008-036
Project: Profile Search (third-party module)
Versions: 5.x
Date: 2008-July-18
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

Pages

Subscribe with RSS