Show advisories for only Drupal Core, only contributed projects, or only PSAs

Unintentionally logging credit card transactions

By chx on
  • Advisory ID: DRUPAL-SA-2005-006
  • Project: ecommerce
  • Date: 2005-Oct-30
  • Security risk: critical
  • Impact: authorize_net module, which is a part of the ecommerce package
  • Exploitable from: local
  • Vulnerability: System is unintentionally logging credit card transactions, including card numbers.

SQL injection and PHP code execution

By chx on
  • Advisory ID: DRUPAL-SA-2005-005
  • Project: flexinode
  • Date: 2005-Oct-03
  • Security risk: highly critical
  • Impact: flexinode module
  • Exploitable from: remote
  • Vulnerability: SQL injection and PHP execution by bypassing input format check

Pages

Subscribe with RSS Subscribe to Security advisories