Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-2008-040 - Organic Groups - Cross site scripting and information disclosure

By moshe weitzman on
  • Advisory ID: DRUPAL-SA-2008-040
  • Project: Organic Groups (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-July-02
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting and information disclosure

SA-2008-039 - Suggested terms - Cross site scripting

By heine on
  • Advisory ID: SA-2008-039
  • Project: Suggested terms (third-party module)
  • Versions: 5.x
  • Date: 2008-June-25
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-038 - Services - Arbitrary code execution

By heine on
  • Advisory ID: DRUPAL-SA-2008-038
  • Project: Services (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-June-18
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution

SA-2008-037 - TrailScout - XSS and SQL injection

By killes@www.drop.org on
  • Advisory ID: DRUPAL-SA-2008-037
  • Project: TrailScout (third-party module)
  • Version: 5.x
  • Date: 2008-June-18
  • Security risk: Higly critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting and SQL injection

SA-2008-036 - Profile search - SQL Injection

By heine on
  • Advisory ID: SA-2008-036
  • Project: Profile Search (third-party module)
  • Versions: 5.x
  • Date: 2008-July-18
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-2008-035 - Aggregation - Multiple vulnerabilities

By heine on
  • Advisory ID: SA-2008-035
  • Project: Aggregation (third-party module)
  • Versions: 5.x
  • Date: 2008-June-11
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-2008-034 - Node Hierarchy - Access bypass

By heine on
  • Advisory ID: SA-2008-034
  • Project: Node Hierarchy (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-June-11
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-033 - Taxonomy Image - Cross site scripting

By heine on
  • Advisory ID: SA-2008-033
  • Project: Taxonomy Image (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-June-11
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-032 - Magic Tabs - Arbitrary code execution

By heine on
  • Advisory ID: SA-2008-032
  • Project: Magic Tabs (third-party module)
  • Versions: 5.x
  • Date: 2008-June-11
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution

SA-2008-031 - Pblog - Incorrect vulnerability report

By heine on
  • Advisory ID: SA-2008-031
  • Project: Pblog (third-party module)
  • Versions: none
  • Date: 2008-June-11
  • Security risk: Not critical
  • Exploitable from: Remote
  • Subject: Incorrect vulnerability report

Pages

Subscribe with RSS Subscribe to Security advisories