Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2009-038 - Nodequeue - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-038
  • Project: Nodequeue (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 6.x

SA-CONTRIB-2009-037 - Views - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-037
  • Project: Views
  • Versions: 6.x-2.x
  • Date: 2009-June-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting (XSS), Access Bypass
Categories: Drupal 6.x

SA-CONTRIB-2009-036 - Services - Impersonation

By Drupal Security Team on
  • Advisory ID: SA-CONTRIB-2009-036
  • Project: Services (third-party module)
  • Version: 6.x
  • Date: 2009 June 10
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Impersonation
Categories: Drupal 6.x

SA-CONTRIB-2009-035 - Booktree - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-035
  • Project: Booktree (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-034 - Taxonomy manager - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-034
  • Project: Taxonomy manager (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-033 - Quiz - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-033
  • Project: Quiz (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-03
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-032 - Webform - Cross-site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-032
  • Project: Webform (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2009-June-03
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross-site scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-031 - Ajax Session - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-031
  • Project: Ajax Session (third-party module)
  • Version: 5.x
  • Date: 2009 May 27
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2009-030 - Email Verification - Information disclosure / Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-030
  • Project: Email Verification (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-May-20
  • Security risk: High
  • Exploitable from: Remote
  • Vulnerability: Information disclosure, Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-029 - Views Bulk Operations - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-029
  • Project: Views Bulk Operations (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-May-20
  • Security risk: Medium
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 5.x, Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories