SA-2008-072 - Storm Project - SQL injection

By killes@www.drop.org on
  • Advisory ID: DRUPAL-SA-2008-072
  • Project: Storm Project
  • Versions: 5.x and 6.x
  • Date: 2008-December-03
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection

SA-2008-071 - User Karma - Multiple vulnerabilities

By scor on
  • Advisory ID: DRUPAL-SA-2008-071
  • Project: User Karma
  • Versions: 5.x and 6.x
  • Date: 2008-November-26
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection, Cross-site scripting (XSS)

SA-2008-070 - Comment Mail - Cross site request forgery

By scor on
  • Advisory ID: DRUPAL-SA-2008-070
  • Project: Comment Mail
  • Versions: 5.x
  • Date: 2008-November-26
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery

SA-2008-069 - CCK for 5.x and 6.x - XSS vulnerabilities

By Damien Tournoud on
  • Advisory ID: DRUPAL-SA-2008-069
  • Project: Content Construction Kit (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2008-November-5
  • Security risk: Minor
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-068 - Localization client and Localization server - Cross site request forgery

By gábor hojtsy on
  • Advisory ID: DRUPAL-SA-2008-068
  • Project: Localization client and Localization server (third-party modules)
  • Versions: 5.x, 6.x
  • Date: 2008-October-22
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery

SA-2008-066 - Shindig-Integrator - Multiple vulnerabilities

By heine on
  • Advisory ID: DRUPAL-SA-2008-066
  • Project: Shindig-Integrator (third-party module)
  • Versions: 5.x
  • Date: 2008-October-15
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects