Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-2008-037 - TrailScout - XSS and SQL injection

By killes@www.drop.org on
  • Advisory ID: DRUPAL-SA-2008-037
  • Project: TrailScout (third-party module)
  • Version: 5.x
  • Date: 2008-June-18
  • Security risk: Higly critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting and SQL injection

SA-2008-036 - Profile search - SQL Injection

By heine on
  • Advisory ID: SA-2008-036
  • Project: Profile Search (third-party module)
  • Versions: 5.x
  • Date: 2008-July-18
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-2008-035 - Aggregation - Multiple vulnerabilities

By heine on
  • Advisory ID: SA-2008-035
  • Project: Aggregation (third-party module)
  • Versions: 5.x
  • Date: 2008-June-11
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-2008-034 - Node Hierarchy - Access bypass

By heine on
  • Advisory ID: SA-2008-034
  • Project: Node Hierarchy (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-June-11
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-033 - Taxonomy Image - Cross site scripting

By heine on
  • Advisory ID: SA-2008-033
  • Project: Taxonomy Image (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-June-11
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-032 - Magic Tabs - Arbitrary code execution

By heine on
  • Advisory ID: SA-2008-032
  • Project: Magic Tabs (third-party module)
  • Versions: 5.x
  • Date: 2008-June-11
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution

SA-2008-031 - Pblog - Incorrect vulnerability report

By heine on
  • Advisory ID: SA-2008-031
  • Project: Pblog (third-party module)
  • Versions: none
  • Date: 2008-June-11
  • Security risk: Not critical
  • Exploitable from: Remote
  • Subject: Incorrect vulnerability report

SA-2008-030 - Site Documentation - Privilege escalation

By heine on
  • Advisory ID: DRUPAL-SA-2008-030
  • Project: Site Documentation (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-May-14
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Privilege escalation

SA-2008-029 - E-Publish - Cross site scripting and Cross site request forgeries

By heine on
  • Advisory ID: DRUPAL-SA-2008-029
  • Project: E-Publish (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-April-23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting and Cross site request forgeries

SA-2008-028 - Internationalization and Localizer - Cross site scripting

By heine on
  • Advisory ID: DRUPAL-SA-2008-028
  • Project: Internationalization and Localizer (third-party modules)
  • Versions: 5.x and 6.x
  • Date: 2008-April-23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

Pages

Subscribe with RSS Subscribe to Security advisories