Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

User Dashboard - SQL Injection - Critical - SA-CONTRIB-2015-152

By Drupal Security Team on 30 Sep 2015 at 20:13 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-152
Project: UserDashboard (third-party module)
Version: 7.x
Date: 2015-September-30
Security risk: 19/25 ( Critical) AC:Complex/A:None/CI:All/II:All/E:Theoretical/TD:All
Vulnerability: SQL Injection

Scald - Moderately Critical - Information Disclosure - SA-CONTRIB-2015-151

By Drupal Security Team on 16 Sep 2015 at 15:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-151
Project: Scald: Media Management made easy (third-party module)
Version: 7.x
Date: 2015-September-16
Security risk: 11/25 ( Moderately Critical) AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Information Disclosure

CMS Updater - Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2015-150

By Drupal Security Team on 16 Sep 2015 at 15:05 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-150
Project: CMS Updater (third-party module)
Version: 7.x
Date: 2015-September-16
Security risk: 12/25 ( Moderately Critical) AC:Basic/A:User/CI:None/II:Some/E:Proof/TD:All
Vulnerability: Cross Site Scripting, Access bypass

amoCRM - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2015-149

By Drupal Security Team on 16 Sep 2015 at 14:55 UTC

Advisory ID: SA-CONTRIB-2015-149
Project: amoCRM (third-party module)
Version: 7.x
Date: 2015-September-16
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:None/CI:None/II:Some/E:Proof/TD:Default
Vulnerability: Cross Site Scripting

Drupal 7 driver for SQL Server and SQL Azure - Moderately Critical - SQL Injection - SA-CONTRIB-2015-148

By Drupal Security Team on 16 Sep 2015 at 14:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-148
Project: Drupal 7 driver for SQL Server and SQL Azure (third-party module)
Version: 7.x
Date: 2015-September-16
Security risk: 10/25 ( Moderately Critical) AC:Complex/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: SQL Injection

RESTful - Moderately Critical - Access bypass - SA-CONTRIB-2015-147

By Drupal Security Team on 9 Sep 2015 at 18:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-147
Project: RESTful (third-party module)
Version: 7.x
Date: 2015-September-09
Security risk: 12/25 ( Moderately Critical) AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:Default
Vulnerability: Access bypass

Pages

Subscribe with RSS