Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-097 - Imagemenu - Multiple vulnerabilities

By Drupal Security Team on 29 Sep 2010 at 19:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-097
Project: Imagemenu (third-party module)
Version: 5.x, 6.x
Date: 2010-September-29
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross-Site Scripting, Cross-site Request Forgery

SA-CONTRIB-2010-096 - Domain access - Multiple Vulnerabilities

By Drupal Security Team on 22 Sep 2010 at 21:49 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-096
Project: Domain access (third-party module)
Version: 5.x, 6.x, 7.x
Date: 2010-September-22
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross-Site Scripting, Priviledge Escalation

SA-CONTRIB-2010-095 - Lightbox2 - Multiple Vulnerabilities

By Drupal Security Team on 22 Sep 2010 at 18:33 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-095
Project: Lightbox2 (third-party module)
Version: 5.x, 6.x
Date: 2010-September-22
Security risk: Highly Critical
Exploitable from: Remote
Vulnerability: Access Bypass, Cross-Site Scripting

SA-CONTRIB-2010-094 - Embedded Media Field - Access bypass

By Drupal Security Team on 22 Sep 2010 at 18:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-094
Project: Embedded Media Field (third-party module)
Version: 5.x, 6.x
Date: 2010-September-22
Security risk: ~~Moderately Critical~~ Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-093 - Advanced Taxonomy Blocks - Multiple Vulnerabilities

By Drupal Security Team on 15 Sep 2010 at 19:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-093
Project: Advanced Taxonomy Blocks (third-party module)
Version: 6.x
Date: 2010-September-15
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2010-092 - Advanced Book Blocks - Multiple Vulnerabilities

By Drupal Security Team on 15 Sep 2010 at 19:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-092
Project: Advanced Book Blocks (third-party module)
Version: 6.x
Date: 2010-September-15
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2010-091 - Mollom - Information Disclosure

By Drupal Security Team on 15 Sep 2010 at 15:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-091
Project: Mollom (third-party module)
Version: 6.x
Date: 2010-September-15
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2010-090 - Yr Weatherdata - SQL Injection

By Drupal Security Team on 8 Sep 2010 at 17:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-090
Project: Yr Weatherdata (third-party module)
Version: 6.x
Date: 2010-September-08
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2010-089 - Simplenews Content Selection - Cross Site Scripting

By Drupal Security Team on 18 Aug 2010 at 19:51 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-089
Project: Simplenews content selection (third-party module)
Version: 6.x
Date: 2010-August-18
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross site scripting

SA-CONTRIB-2010-088 - Content Construction Kit (CCK) - Access Bypass

By Drupal Security Team on 11 Aug 2010 at 23:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-088
Project: Content Construction Kit (CCK) (third-party module)
Version: 6.x
Date: 2010-August-11
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

Pages

Subscribe with RSS