Deprecated - Security advisories for Drupal core | Drupal.org

This forum is deprecated — view current Drupal core security advisories

DRUPAL-SA-2006-024 - Drupal core - Multiple cross site scripting vulnerabilities

By Heine on 12 Oct 2006 at 11:47 UTC

Advisory ID: DRUPAL-SA-2006-024
Project: Drupal core
Date: 2006-Oct-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross site scripting

DRUPAL-SA-2006-011 XSS Vulnerability in user module

By Gerhard Killesreiter on 2 Aug 2006 at 17:03 UTC

Advisory ID: DRUPAL-SA-2006-011
Project: Drupal core
Date: 2006-Aug-2
Security risk: less critical
Impact: Drupal core
Exploitable from: remote
Vulnerability: cross-site scripting

DRUPAL-SA-2006-008 XSS Vulnerability in taxonomy module

By webchick on 1 Jun 2006 at 19:20 UTC

Advisory ID: DRUPAL-SA-2006-008
Project: Drupal core
Date: 2006-Jun-01
Security risk: less critical
Impact: Drupal core
Exploitable from: remote
Vulnerability: cross-site scripting

SA-2006-007 - Drupal Core - Revision to DRUPAL-SA-2006-006

By webchick on 1 Jun 2006 at 18:49 UTC

Advisory ID: DRUPAL-SA-2006-007
Project: Drupal core and potentially any web application that accepts uploads.
Date: 2006-Jun-01
Security risk: highly critical
Impact: Drupal core
Exploitable from: remote
Vulnerability: Execution of arbitrary files

SA-2006-006 - Drupal Core - Execution of arbitrary files in certain Apache configurations

By webchick on 25 May 2006 at 01:19 UTC

Advisory ID: DRUPAL-SA-2006-006
Project: Drupal core
Date: 2006-May-24
Security risk: highly critical
Impact: Drupal core
Exploitable from: remote
Vulnerability: Execution of arbitrary files

DRUPAL-SA-2006-005 - Drupal core - SQL injection vulnerability

By chx on 24 May 2006 at 19:42 UTC

Advisory ID: DRUPAL-SA-2006-005
Project: Drupal core
Date: 2006-May-18
Security risk: highly critical
Impact: Drupal core
Exploitable from: remote
Vulnerability: SQL injection

Pages

Subscribe with RSS