Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-146 - Simplenews Scheduler - Arbitrary code execution

By Drupal Security Team on 19 Sep 2012 at 16:52 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-146
Project: Simplenews Scheduler (third-party module)
Version: 6.x
Date: 2012-September-19
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Arbitrary PHP code execution

SA-CONTRIB-2012-145 - Imagemenu - Cross Site Scripting (XSS)

By Drupal Security Team on 19 Sep 2012 at 16:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-145
Project: Imagemenu (third-party module)
Version: 6.x
Date: 2012-September-19
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-144 Fonecta verify - Cross Site Scripting (XSS)

By Drupal Security Team on 19 Sep 2012 at 16:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-144
Project: Fonecta verify (third-party module)
Version: 7.x
Date: 2012-September-19
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-143 PRH Search - Cross Site Scripting (XSS)

By Drupal Security Team on 19 Sep 2012 at 16:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-143
Project: PRH Search (third-party module)
Version: 7.x
Date: 2012-September-19
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-142 - Spambot - Cross Site Scripting (XSS)

By Drupal Security Team on 19 Sep 2012 at 16:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-142
Project: Spambot (third-party module)
Version: 6.x, 7.x
Date: 2012-September-19
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-141 - Mass Contact - Access bypass

By Drupal Security Team on 12 Sep 2012 at 20:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-141
Project: Mass Contact (third-party module)
Version: 6.x
Date: 2012-September-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-140 - Inf08 - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Sep 2012 at 18:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-140
Project: Inf08 (third-party module)
Version: 6.x
Date: 2012-September-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-139 - PDFThumb OS Injection

By Drupal Security Team on 12 Sep 2012 at 17:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-139
Project: PDFThumb (third-party module)
Version: 7.x
Date: 2012-September-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: OS Injection

SA-CONTRIB-2012-138 - Exposed Filter Data - Cross Site Scripting (XSS)

By Drupal Security Team on 5 Sep 2012 at 19:29 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-138
Project: Exposed Filter Data (third-party module)
Version: 6.x
Date: 2012-September-05
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-137 - Heartbeat - Cross Site Request Forgery (CSRF) in heartbeat_comments

By Drupal Security Team on 5 Sep 2012 at 17:46 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-137
Project: Heartbeat (third-party module)
Version: 6.x, 7.x
Date: 2012-September-5
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

Pages

Subscribe with RSS