Skip to main content
Skip to search
Can we use first and third party cookies and web beacons to
understand our audience, and to tailor promotions you see
?
Yes, please
No, do not track me
Drupal.org home
Why Drupal?
About Drupal
Platform overview
Drupal 10
Content Authoring
Content as a Service
Decoupled
Accessibility
Marketing Automation
Multilingual
Security
Personalization
Case studies
Video series
News
Use cases
For Developers
For Marketers
E-commerce
Education
FinTech
Government
Healthcare
High Tech
Nonprofit
Retail
Travel
Resources
Installing Drupal
Documentation
User guide
Local Development Guide
Security
News
Blog
Drupal 7 Migrations
Services
Find an Agency Partner
Find a D7 Migration Partner
Find Integrations & Hosting
Find Drupal Training
Become a Certified Partner
Community
How to Contribute
About the Community
Support
Community Governance
Jobs/Careers
Events
DrupalCon Portland 2024
DrupalCon Barcelona 2024
Community Events
Download
Download
Modules
Themes
Distributions
Issue queues
Browse Repository
Give
Drupal Association
Become an Organization Member
Become a Certified Partner
Become an Individual Member
Make a Donation
Discover Drupal
Drupal Swag Shop
Demo
Demo online
Download
Return to content
Search form
Search
Log in
Create account
Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Learn more
Deprecated - Security advisories for contributed projects
This forum is deprecated —
view current Drupal contributed projects security advisories
SA-2007-022 - Boost - file overwrite
By
bjaspan
on
3 Oct 2007 at 19:10 UTC
Advisory ID: DRUPAL-SA-2007-022.
Project: Boost (third-party module)
Version: 4.7.x-1.*, 5.x-0.*
Date: 2007-10-03
Security risk: Critical
Exploitable from: Remote
Vulnerability: Filesystem overwrite
SA-2007-021: Project issue tracking - XSS vulnerabilities in subscription forms.
By
hunmonk
on
3 Oct 2007 at 17:39 UTC
Advisory ID: DRUPAL-SA-2007-021.
Project: Project issue tracking (third-party module)
Version: 4.7.x-1.x, 4.7.x-2.x, 5.x-1.x
Date: 2007-Sep-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross-site scripting (XSS)
Project and Project issue tracking - Access bypass
By
dww
on
19 Aug 2007 at 23:14 UTC
Advisory ID: DRUPAL-SA-2007-020.
Project: Project and Project issue tracking (third-party modules)
Version: 4.7.x-1.*, 4.7.x-2.*, 5.x-0.*
Date: 2007-Aug-20
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass
Content Construction Kit - Cross site scripting
By
Heine
on
13 Aug 2007 at 19:35 UTC
Advisory ID: DRUPAL-SA-2007-019
Project: Content Construction Kit (CCK) (third-party module)
Version: 4.7.x-1.x, 5.x-1.x
Date: 2007-August-13
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross site scripting
LoginToboggan - Cross site scripting
By
dww
on
12 Jul 2007 at 20:45 UTC
Advisory ID: DRUPAL-SA-2007-016
Project: LoginToboggan (third-party module)
Version: 4.7.x-1.0, 4.7.x-1.x-dev, 5.x-1.x-dev
Date: 2007-07-12
Security risk: Not critical
Exploitable from: Remote
Vulnerability: Cross site scripting
Forward - Access bypass
By
AjK
on
9 Jul 2007 at 22:02 UTC
Advisory ID: DRUPAL-SA-2007-015
Project: Forward (third-party module)
Version: 5.x and 4.7.x
Date: 2007-July-09
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass
Pages
« first
‹ previous
…
175
176
177
178
179
180
181
182
183
…
next ›
last »
Subscribe with RSS