Skip to main content
Skip to search
Can we use first and third party cookies and web beacons to
understand our audience, and to tailor promotions you see
?
Yes, please
No, do not track me
Drupal.org home
Discover Drupal
Drupal Core
Drupal CMS
Drupal AI
Case Studies
Drupal for Government
Drupal for Higher Education
Drupal for Nonprofit
Drupal for eCommerce
Drupal for FinTech
Drupal for Healthcare
Drupal for Enterprise
Drupal for Retail
Drupal for Travel & Tourism
Build with Drupal
Download Drupal
Documentation
Getting started
Local Development Guide
Developer Resources
Drupal CMS User Guide
Drupal User Guide
API
Modules
Themes
Recipes
Site Templates
Issue queues
Security Advisories
Partners & Services
Find a Drupal Certified Partner
Become a Drupal Certified Partner
Find a Hosting Provider
Find a Migration Partner
Find Training
Drupal Steward
Community
About the Community
How to Contribute
DrupalCon
Events
Jobs / Careers
News & Blogs
Forum
Slack
Newsletters
Drupal Swag Shop
Support Drupal
The Drupal Association
Donate
Become a Partner
Become a Ripple Maker
Become a Drupal Sustaining Member
Drupal Swag Shop
Get Started
Try Drupal CMS
Try Hosting
Return to content
Search form
Search
Log in
Create account
Security advisories
Show advisories for
only Drupal Core
,
only contributed projects
, or
only
PSAs
Secure site - Access bypass
By
heine
on
16 Feb 2007 at 03:12 UTC
Advisory ID: DRUPAL-SA-2007-010
Project: Secure site (third-party module)
Version: 4.7, 5
Date: 2007-Feb-16
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass
getID3 library and Audio, Mediafield - arbitrary code execution
By
heine
on
16 Feb 2007 at 01:21 UTC
Advisory ID: DRUPAL-SA-2007-009.
Project: getID3 (third-party library) used by Audio and Mediafield
Version: getID3 1.7.1
Date: 2007-Feb-16
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution
Image pager - Cross site scripting
By
heine
on
15 Feb 2007 at 09:24 UTC
Advisory ID: DRUPAL-SA-2007-008
Project: Image Pager (third-party module)
Version: 4.7.x-1.x-dev, 5.x-1.x-dev
Date: 2007-02-15
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross site scripting
Textimage - response validation bypass
By
heine
on
31 Jan 2007 at 09:59 UTC
Advisory ID: DRUPAL-SA-2007-007
Project: Textimage (third-party module)
Version: 4.7.x, 5.x
Date: 2007-Jan-31
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Captcha bypass
Captcha - response validation bypass
By
heine
on
30 Jan 2007 at 21:43 UTC
Advisory ID: DRUPAL-SA-2007-006
Project: Captcha (third-party module)
Version: 4.7.x, 5.x
Date: 2007-Jan-30
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Captcha bypass
DRUPAL-SA-2007-005 - Drupal core - Arbitrary code execution
By
heine
on
29 Jan 2007 at 19:11 UTC
Advisory ID: DRUPAL-SA-2007-005
Project: Drupal core
Version: 4.7.x, 5.x
Date: 2007-Jan-29
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution
Project and Project issue tracking - Multiple vulnerabilities
By
dww
on
23 Jan 2007 at 21:04 UTC
Advisory ID: DRUPAL-SA-2007-004.
Project: Project and Project issue tracking (third party modules).
Date: 2007-Jan-23.
Security risk: Moderately critical.
Exploitable from: Remote.
Vulnerability: Access bypass, Cross site scripting, and unsafe file upload handling.
Acidfree - SQL injection
By
heine
on
23 Jan 2007 at 21:03 UTC
Advisory ID: DRUPAL-SA-2007-003.
Project: Acidfree (third-party module).
Version: 4.6.x, 4.7.x
Date: 2007-Jan-23.
Security risk: Highly critical.
Exploitable from: Remote.
Vulnerability: SQL Injection.
Drupal core - Denial of service
By
heine
on
19 Dec 2006 at 15:53 UTC
Advisory ID: DRUPAL-SA-2007-002.
Project: Drupal Core.
Version: 4.6, 4.7
Date: 2007-Jan-05.
Security risk: Less critical.
Exploitable from: Remote.
Vulnerability: Denial of service.
Drupal core - Cross site scripting
By
heine
on
19 Dec 2006 at 15:43 UTC
Advisory ID: DRUPAL-SA-2007-001.
Project: Drupal Core.
Version: 4.6, 4.7.
Date: 2007-Jan-05.
Security risk: Less critical.
Exploitable from: Remote.
Vulnerability: Cross site scripting.
Pages
« first
‹ previous
…
187
188
189
190
191
192
193
194
195
next ›
last »
Subscribe with RSS
