Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-2008-025 - Simple access - Access bypass

By dww on
  • Advisory ID: DRUPAL-SA-2008-025
  • Project: Simple access (third-party module)
  • Version: 5.x-1.*
  • Date: 2008-April-09
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-024 - Webform - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-024
  • Project: Webform (third-party module)
  • Version: 5.x, 6.x
  • Date: 2008-April-03
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-023 - Ubercart - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-023
  • Project: Ubercart (third-party module)
  • Version: 5.x
  • Date: 2008-April-02
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-022 - Flickr - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-022
  • Project: Flickr (third-party module)
  • Version: 5.x, 6.x
  • Date: 2008-April-02
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-021 - Live - Cross site request forgery

By heine on
  • Advisory ID: DRUPAL-SA-2008-021
  • Project: Live (third-party module)
  • Version: 5.x
  • Date: 2008-March-23
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery

SA-2008-020 - Ubercart - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-020
  • Project: Ubercart (third-party module)
  • Version: 5.x
  • Date: 2008-March-12
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-019 - Refine by Taxonomy - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-019
  • Project: Refine by Taxonomy (third-party module)
  • Version: 5.x
  • Date: 2008-March-05
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-018 - Drupal core - Cross site scripting

By gábor hojtsy on
  • Advisory ID: DRUPAL-SA-2008-018
  • Project: Drupal core
  • Version: 6.0
  • Date: 2008-February-27
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple cross site scripting vulnerabilities
Categories: Drupal 6.x

SA-2008-017 - Header image - Access bypass

By heine on
  • Advisory ID: DRUPAL-SA-2008-017
  • Project: Header image (third-party module)
  • Version: 5.x-1.0
  • Date: 2008-February-13
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-016 - OpenID - Incorrect claimed_id returned for OpenID 2.0

By walkah on
  • Advisory ID: DRUPAL-SA-2008-016
  • Project: OpenID (third-party module)
  • Version: 5.x-1.0
  • Date: 2008-January-30
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Identity impersonation

Pages

Subscribe with RSS Subscribe to Security advisories