Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-2008-050 - Mailhandler - SQL injection

By heine on
  • Advisory ID: DRUPAL-SA-2008-050
  • Project: Mailhandler (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-September-17
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection

SA-2008-049 - Talk - Multiple vulnerabilities

By heine on
  • Advisory ID: DRUPAL-SA-2008-049
  • Project: Talk (third-party module)
  • Version: 5.x, 6.x
  • Date: 2008-September-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting, Node access bypass

SA-2008-048-b - CCK - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-048-b
  • Project: CCK (third-party module)
  • Version: 5.x
  • Date: 2008-Sep-04
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-047 - Drupal core - Multiple vulnerabilities

By heine on
  • Advisory ID: DRUPAL-SA-2008-047
  • Project: Drupal core
  • Version: 5.x, 6.x
  • Date: 2008-August-13
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-2008-046 - Drupal core - Session fixation

By heine on
  • Advisory ID: DRUPAL-SA-2008-046
  • Project: Drupal core
  • Version: 5.x
  • Date: 2008-July-23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Session fixation
Categories: Drupal 5.x

SA-2008-045 - OpenID - Multiple vulnerabilities

By heine on
  • Advisory ID: DRUPAL-SA-2008-045
  • Project: OpenID (third-party module)
  • Version: 5.x
  • Date: 2008-July-9
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting, Cross site request forgeries

SA-2008-044 - Drupal core - Multiple vulnerabilities

By heine on
  • Advisory ID: DRUPAL-SA-2008-044
  • Project: Drupal core
  • Version: 5x, 6.x
  • Date: 2008-July-9
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-2008-043 - Outline designer - Privilege escalation

By heine on
  • Advisory ID: DRUPAL-SA-2008-043
  • Project: Outline designer (third-party module)
  • Version: 5.x
  • Date: 2008-July-2
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Privilege escalation

SA-2008-042 - Tinytax - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-042
  • Project: Tinytax taxonomy block (third-party module)
  • Version: 5.x
  • Date: 2008-July-2
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-041 - Taxonomy autotagger - Multiple vulnerabilities

By heine on
  • Advisory ID: DRUPAL-SA-2008-041
  • Project: Taxonomy autotagger (third-party module)
  • Version: 5.x
  • Date: 2008-July-2
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting and SQL injection

Pages

Subscribe with RSS Subscribe to Security advisories