Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-088 - Content Construction Kit (CCK) - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-088
  • Project: Content Construction Kit (CCK) (third-party module)
  • Version: 6.x
  • Date: 2010-August-11
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass
Categories: Drupal 6.x

SA-CONTRIB-2010-087 - GovDelivery - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-087
  • Project: GovDelivery Integration (third-party module)
  • Version: 6.x
  • Date: 2010-Aug-11
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-086 - Prepopulate - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-086
  • Project: Prepopulate (third-party module)
  • Version: 5.x and 6.x
  • Date: 2010-Aug-11
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-085 - Pathauto - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-085
  • Project: Pathauto (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-August-11
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-084 - OpenID - Authentication bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-084
  • Project: OpenID (third-party module)
  • Version: 5.x
  • Date: 2010-Aug-11
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Authentication bypass
Categories: Drupal 5.x

SA-CORE-2010-002 - Drupal core - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CORE-2010-002
  • Project: Drupal core
  • Version: 5.x, 6.x
  • Date: 2010-August-11
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-083 - Ubercart sub-modules - Multiple Vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-083
  • Project: UC2Checkout, UCPaypal, UC Cart LInks (third-party modules in the Ubercart Project)
  • Version: 5.x, 6.x
  • Date: 2010-Aug-11
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass, Cross Site Request Forgery
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-082 - Print - Local file read access

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-082
  • Project: Printer, e-mail and PDF versions (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-August-11
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Local file read access
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-081 - FileField Sources - Arbitrary Code Execution

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-081
  • Project: FileField Sources (third-party module)
  • Version: 6.x
  • Date: 2010-August-11
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary Code Execution
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-080 - Privatemsg - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-080
  • Project: Privatemsg (third-party module)
  • Version: 6.x
  • Date: 2010-August-11
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross-Site Scripting
Categories: Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories