Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-078 - Kaltura - Information disclosure

By Drupal Security Team on 28 Jul 2010 at 22:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-078
Project: Kaltura (third-party module)
Versions: 5.x, 6.x
Date: 2010-July-28
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Information disclosure

SA-CONTRIB-2010-077 - Sage Pay (former Protx) Direct Payment Gateway for Ubercart - Information Disclosure

By Drupal Security Team on 28 Jul 2010 at 17:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-077
Project: Sage Pay Direct Payment Gateway for Ubercart (third-party module)
Version: 5.x, 6.x
Date: 2010-July-28
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2010-076 - Dashboard - Cross Site Scripting (CSS)

By Drupal Security Team on 28 Jul 2010 at 16:11 UTC

Advisory ID: SA-CONTRIB-2010-076
Project: Dashboard (third-party module)
Version: 6.x
Date: 2010-July-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB 2010-075 - Tagging - Cross Site Scripting

By Drupal Security Team on 21 Jul 2010 at 18:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-075
Project: Tagging (third-party module)
Version: 6.x
Date: 2010-July 21
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-074 - Drupad - Cross-site request forgery

By Drupal Security Team on 14 Jul 2010 at 20:46 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-074
Projects: Drupad (third-party module)
Version: 6.x
Date: 2010-07-14
Security risks: Critical
Exploitable from: Remote
Vulnerability: CSRF

SA-CONTRIB-2010-073 - Multiple Vulnerabilities In Multiple Contributed Modules

By Drupal Security Team on 14 Jul 2010 at 20:27 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-073
Projects: Multiple third party modules - Simple Gallery, OG Menu, Tell A Friend Node, JsMath For Displaying Mathematics With TeX
Version: 5.x, 6.x
Date: 2010-July-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple (Cross Site Scripting, Email Header Injection)

SA-CONTRIB-2010-072: Hierarchical Select - Cross Site Scripting

By Drupal Security Team on 7 Jul 2010 at 16:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-072
Project: Hierarchical Select (third-party module)
Version: 5.x, 6.x
Date: 2010-July-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-071 - MultiSafepay Integration - Cross Site Request Forgery

By greggles on 7 Jul 2010 at 15:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-071
Project: MultiSafepay Integration (third-party module)
Version: 6.x
Date: 2010-July-07
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2010-070 - Multiple vulnerabilities in multiple contributed modules

By Drupal Security Team on 23 Jun 2010 at 20:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-070
Projects: Multiple third party modules - Easy Translator, Block Queue, Multiple Image Upload (Imagex)
Version: 5.x, 6.x
Date: 2010-06-23
Security risks: Critical
Exploitable from: Remote
Vulnerability: Multiple (SQL Injection, CSRF, Access bypass)

SA-CONTRIB-2010-069 - Case Tracker - Multiple Vulnerabilities

By Drupal Security Team on 23 Jun 2010 at 18:05 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-069
Project: Case Tracker (third-party module)
Version: 5.x
Date: 2010-June-23
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple Vulnerabilities

Pages

Subscribe with RSS