Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2010-015 - Signwriter - Arbitrary code execution

By Drupal Security Team on 3 Feb 2010 at 20:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-015
Project: Signwriter (third-party module)
Version: 5.x, 6.x
Date: 2010-February-3
Security risk: Critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-CONTRIB-2010-014 - Node Export - Arbitrary code execution

By Drupal Security Team on 3 Feb 2010 at 19:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-014
Project: Node Export (third-party module)
Version: 5.x, 6.x
Date: 2010-February-3
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-CONTRIB-2010-013 - Menu Breadcrumb - Cross site scripting

By Drupal Security Team on 3 Feb 2010 at 16:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-013
Project: Menu Breadcrumb (third-party module)
Version: 6.x
Date: 2010-February-03
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-012 - ODF Import - Access Bypass (possible Cross Site Scripting)

By greggles on 3 Feb 2010 at 15:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-012
Project: ODF Import (third-party module)
Version: 6.x-1.0
Date: 2010-February-3
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-011 - Feedback - Cross Site Scripting

By Drupal Security Team on 27 Jan 2010 at 22:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-011
Project: Feedback (third-party module)
Version: 5.x, 6.x
Date: 2010-January-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-010 - Author Contact - Cross site scripting

By coltrane on 27 Jan 2010 at 20:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-010
Project: Author Contact (third-party module)
Version: 5.x, 6.x
Date: 2010-January-27
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS