SA-CONTRIB-2014-075 - Biblio Autocomplete - SQL injection and Access Bypass

By Drupal Security Team on

SA-CONTRIB-2014-074 - Storage API - Code execution prevention

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-074
  • Project: Storage API (third-party module)
  • Version: 7.x
  • Date: 2014-July-30
  • Security risk: (Less Critical)
  • Vulnerability: Arbitrary PHP code execution

SA-CONTRIB-2014-073- Date - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-073
  • Project: Date (third-party module)
  • Version: 7.x
  • Date: 2014-July-30
  • Security risk: Moderately Critical
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2014-072 - Freelinking, Freelinking Case Tracker - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-072
  • Project: freelinking (third-party module)
  • Project: freelinking case tracker (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-July-23
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-CONTRIB-2014-071 - FileField - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-071
  • Project: FileField (third-party module)
  • Version: 6.x
  • Date: 2014-July-16
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2014-070 - Password Policy - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-070
  • Project: Password Policy (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-July-16
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x, Drupal 7.x

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects