SA-CONTRIB-2010-081 - FileField Sources - Arbitrary Code Execution

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-081
  • Project: FileField Sources (third-party module)
  • Version: 6.x
  • Date: 2010-August-11
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary Code Execution
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-080 - Privatemsg - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-080
  • Project: Privatemsg (third-party module)
  • Version: 6.x
  • Date: 2010-August-11
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross-Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-079 - Devel (Performance logging) - Cross Site Scripting

By kbahey on
  • Advisory ID: SA-CONTRIB-2010-079
  • Project: Devel (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-Aug-04
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-078 - Kaltura - Information disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-078
  • Project: Kaltura (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2010-July-28
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Information disclosure
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-077 - Sage Pay (former Protx) Direct Payment Gateway for Ubercart - Information Disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-077
  • Project: Sage Pay Direct Payment Gateway for Ubercart (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-July-28
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-076 - Dashboard - Cross Site Scripting (CSS)

By Drupal Security Team on
  • Advisory ID: SA-CONTRIB-2010-076
  • Project: Dashboard (third-party module)
  • Version: 6.x
  • Date: 2010-July-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects