This forum is deprecated — view current Drupal core security advisories

Drupal core - Cross site request forgeries

By Heine on
  • Advisory ID: DRUPAL-SA-2007-017
  • Project: Drupal core
  • Version: 5.x
  • Date: 2007-July-26
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple cross site request forgeries
Categories: Drupal 5.x

DRUPAL-SA-2007-005 - Drupal core - Arbitrary code execution

By Heine on
  • Advisory ID: DRUPAL-SA-2007-005
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2007-Jan-29
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution
Categories: Drupal 4.7.x, Drupal 5.x

Drupal core - Denial of service

By Heine on
  • Advisory ID: DRUPAL-SA-2007-002.
  • Project: Drupal Core.
  • Version: 4.6, 4.7
  • Date: 2007-Jan-05.
  • Security risk: Less critical.
  • Exploitable from: Remote.
  • Vulnerability: Denial of service.

Drupal core - Cross site scripting

By Heine on
  • Advisory ID: DRUPAL-SA-2007-001.
  • Project: Drupal Core.
  • Version: 4.6, 4.7.
  • Date: 2007-Jan-05.
  • Security risk: Less critical.
  • Exploitable from: Remote.
  • Vulnerability: Cross site scripting.

DRUPAL-SA-2006-026 - Drupal core - Form action attribute injection

By Heine on
  • Advisory ID: DRUPAL-SA-2006-026
  • Project: Drupal core
  • Date: 2006-Oct-18
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: HTML attribute injection
Categories: Drupal 4.6.x, Drupal 4.7.x

DRUPAL-SA-2006-025 - Drupal core - Cross site request forgeries

By Heine on
  • Advisory ID: DRUPAL-SA-2006-025
  • Project: Drupal core
  • Date: 2006-Oct-18
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgeries
Categories: Drupal 4.6.x, Drupal 4.7.x

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for Drupal core