Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-2008-030 - Site Documentation - Privilege escalation

By heine on
  • Advisory ID: DRUPAL-SA-2008-030
  • Project: Site Documentation (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-May-14
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Privilege escalation

SA-2008-029 - E-Publish - Cross site scripting and Cross site request forgeries

By heine on
  • Advisory ID: DRUPAL-SA-2008-029
  • Project: E-Publish (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-April-23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting and Cross site request forgeries

SA-2008-028 - Internationalization and Localizer - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-028
  • Project: Internationalization and Localizer (third-party modules)
  • Versions: 5.x and 6.x
  • Date: 2008-April-23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-027 - Ubercart - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-027
  • Project: Ubercart (third-party module)
  • Version: 5.x
  • Date: 2008-April-23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-026 - Drupal core - Access bypass

By heine on
  • Advisory ID: DRUPAL-SA-2008-026
  • Project: Drupal core
  • Version: 6.x
  • Date: 2008-April-09
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-2008-025 - Simple access - Access bypass

By dww on
  • Advisory ID: DRUPAL-SA-2008-025
  • Project: Simple access (third-party module)
  • Version: 5.x-1.*
  • Date: 2008-April-09
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-024 - Webform - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-024
  • Project: Webform (third-party module)
  • Version: 5.x, 6.x
  • Date: 2008-April-03
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-023 - Ubercart - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-023
  • Project: Ubercart (third-party module)
  • Version: 5.x
  • Date: 2008-April-02
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-022 - Flickr - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-022
  • Project: Flickr (third-party module)
  • Version: 5.x, 6.x
  • Date: 2008-April-02
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-021 - Live - Cross site request forgery

By heine on
  • Advisory ID: DRUPAL-SA-2008-021
  • Project: Live (third-party module)
  • Version: 5.x
  • Date: 2008-March-23
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery

Pages

Subscribe with RSS Subscribe to Security advisories