Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-067 - Views - Multiple vulnerabilities

By Drupal Security Team on 17 Jun 2010 at 02:59 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-067
Project: Views (third-party module)
Version: 5.x, 6.x
Date: 2010-June-16
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2010-066 - FileField - Cross Site Scripting

By Drupal Security Team on 17 Jun 2010 at 01:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-066
Project: FileField (third-party module)
Version: 5.x, 6.x
Date: 2010-June-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Views - Administer views permission - PSA-2010-002

Date:

2010-June-16

Advisory ID: PSA-2010-002
Project: Views (third-party module)
Versions: 5.x, 6.x
Date: 2010-June-16
Security risk: Not critical

SA-CONTRIB-2010-065 - Content Construction Kit (CCK) - Access Bypass

By Drupal Security Team on 16 Jun 2010 at 20:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-065
Project: Content Construction Kit (CCK) (third-party module)
Version: 5.x, 6.x
Date: 2010-June-16
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-064 - Ubercart MIGS Payment Gateway - Web Parameter Tampering

By Drupal Security Team on 16 Jun 2010 at 19:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-064
Project: Ubercart MIGS Payment Gateway (third-party module)
Versions: 6.x
Date: 2010-Jun-16
Security risk: Critical
Exploitable from: Remote
Vulnerability: Web Parameter Tampering

SA-CONTRIB-2010-063 - Studio theme pack - Cross Site Scripting

By Drupal Security Team on 16 Jun 2010 at 18:06 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-063
Project: Studio theme pack (third-party theme)
Version: 6.x
Date: 2010-June-16
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-062 - Ogone | Ubercart payment - Access Bypass

By Drupal Security Team on 16 Jun 2010 at 18:05 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-062
Project: Ogone | Ubercart payment (third-party module)
Version: 5.x, 6.x
Date: 2010-June-16
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-061 - AddonChat - Multiple Vulnerabilities

By Drupal Security Team on 26 May 2010 at 20:14 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-061
Project: AddonChat (third-party module)
Version: 6.x-1.x
Date: 2010-May-26
Security risk: Highly Critical
Exploitable from: Remote
Vulnerability: Multiple (Privilege Escalation, Cross-site scripting)

SA-CONTRIB-2010-060 - Scheduler - Cross Site Scripting

By Drupal Security Team on 26 May 2010 at 19:27 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-060
Project: Scheduler (third-party module)
Version: 5.x, 6.x
Date: 2010-May-26
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-059: Panels - Arbitrary PHP code execution

By Drupal Security Team on 20 May 2010 at 02:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-059
Project: Panels (third-party module)
Versions: 6.x
Date: 2010 May 19
Security risk: Critical
Exploitable from: Remote
Vulnerability: Arbitrary PHP code execution

Pages

Subscribe with RSS