SA-2008-065 - Node Clone - Access bypass

By pwolanin on
  • Advisory ID: DRUPAL-SA-2008-065
  • Project: Node Clone (third-party module)
  • Version: 6.x, and 5.x.
  • Date: 2008-October-15
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-064 - Node Vote - SQL injection vulnerability

By kbahey on
  • Advisory ID: DRUPAL-SA-2008-064
  • Project: Node Vote (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-October-15
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection

SA-2008-063 - multiple third party modules - Access bypass due to incorrect Drupal 6 updates

By pwolanin on
  • Advisory ID: DRUPAL-SA-2008-063
  • Project: Several Third-Party Modules incorrectly updated for the Drupal 6 menu system
  • Version: 6.x
  • Date: 2008-October-8
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-062 - SIOC - access bypass

By Amazon on
  • Advisory ID: DRUPAL-SA-2008-062
  • Project: SIOC (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-October-08
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2008-061 - Everyblog - Multiple vulnerabilities

By Amazon on
  • Advisory ID: DRUPAL-SA-2008-061
  • Project: EveryBlog (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-October-08
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability:SQL injection, Cross-site scripting (XSS), Privilege escalation, access bypass

SA-2008-059 - Brilliant Gallery - SQL Injection and Cross Site Scripting

By kbahey on
  • Advisory ID: DRUPAL-SA-2008-059
  • Project: Brilliant Gallery (third-party module)
  • Versions: 5.x
  • Date: 2008-October-1
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection and Cross Site Scripting

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects