SA-CONTRIB-2010-078 - Kaltura - Information disclosure

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-078
  • Project: Kaltura (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2010-July-28
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Information disclosure

SA-CONTRIB-2010-077 - Sage Pay (former Protx) Direct Payment Gateway for Ubercart - Information Disclosure

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-077
  • Project: Sage Pay Direct Payment Gateway for Ubercart (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-July-28
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure

SA-CONTRIB-2010-076 - Dashboard - Cross Site Scripting (CSS)

  • Advisory ID: SA-CONTRIB-2010-076
  • Project: Dashboard (third-party module)
  • Version: 6.x
  • Date: 2010-July-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB 2010-075 - Tagging - Cross Site Scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-075
  • Project: Tagging (third-party module)
  • Version: 6.x
  • Date: 2010-July 21
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-074 - Drupad - Cross-site request forgery

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-074
  • Projects: Drupad (third-party module)
  • Version: 6.x
  • Date: 2010-07-14
  • Security risks: Critical
  • Exploitable from: Remote
  • Vulnerability: CSRF

SA-CONTRIB-2010-073 - Multiple Vulnerabilities In Multiple Contributed Modules

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-073
  • Projects: Multiple third party modules - Simple Gallery, OG Menu, Tell A Friend Node, JsMath For Displaying Mathematics With TeX
  • Version: 5.x, 6.x
  • Date: 2010-July-14
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple (Cross Site Scripting, Email Header Injection)

SA-CONTRIB-2010-072: Hierarchical Select - Cross Site Scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-072
  • Project: Hierarchical Select (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-July-07
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-071 - MultiSafepay Integration - Cross Site Request Forgery

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-071
  • Project: MultiSafepay Integration (third-party module)
  • Version: 6.x
  • Date: 2010-July-07
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2010-070 - Multiple vulnerabilities in multiple contributed modules

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-070
  • Projects: Multiple third party modules - Easy Translator, Block Queue, Multiple Image Upload (Imagex)
  • Version: 5.x, 6.x
  • Date: 2010-06-23
  • Security risks: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple (SQL Injection, CSRF, Access bypass)

SA-CONTRIB-2010-069 - Case Tracker - Multiple Vulnerabilities

  • Advisory ID: DRUPAL-SA-CONTRIB-2010-069
  • Project: Case Tracker (third-party module)
  • Version: 5.x
  • Date: 2010-June-23
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple Vulnerabilities

Pages

Subscribe with RSS Subscribe to Security advisories