news aggregator
October 1, 2008
15:24
- Advisory ID: DRUPAL-SA-2008-059
- Project: Brilliant Gallery (third-party module)
- Versions: 5.x
- Date: 2008-October-1
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: SQL injection and Cross Site Scripting
Source: Drupal Security Announcements
September 24, 2008
17:42
- Advisory ID: DRUPAL-SA-2008-058
- Project: Brilliant Gallery (third-party module)
- Versions: 5.x, 6.x
- Date: 2008-September-25
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: SQL injection
Source: Drupal Security Announcements
14:48
- Advisory ID: DRUPAL-SA-2008-057
- Project: Ajax Checklist (third-party module)
- Versions: 5.x
- Date: 2008-September-24
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: SQL injection, Cross site scripting
Source: Drupal Security Announcements
13:58
- Advisory ID: DRUPAL-SA-2008-056
- Project: Simplenews (third-party module)
- Versions: 5.x, 6.x
- Date: 2008-September-24
- Security risk: Not Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
13:13
- Advisory ID: DRUPAL-SA-2008-055
- Project: Stock (third-party module)
- Versions: 6.x
- Date: 2008-September-24
- Security risk: Moderately Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
11:54
- Advisory ID: DRUPAL-SA-2008-054
- Project: Plugin Manager (third-party module)
- Versions: 6.x
- Date: 2008-September-24
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Access bypass
Source: Drupal Security Announcements
September 18, 2008
08:31
- Advisory ID: DRUPAL-SA-2008-053
- Project: Answers (third-party module)
- Versions: 5.x
- Date: 2008-September-18
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
September 17, 2008
14:13
- Advisory ID: DRUPAL-SA-2008-052
- Project: Link To Us (third-party module)
- Versions: 5.x
- Date: 2008-September-17
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
12:20
- Advisory ID: DRUPAL-SA-2008-051
- Project: Mailsave (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-September-17
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
11:31
- Advisory ID: DRUPAL-SA-2008-050
- Project: Mailhandler (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-September-17
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: SQL injection
Source: Drupal Security Announcements
11:11
- Advisory ID: DRUPAL-SA-2008-049
- Project: Talk (third-party module)
- Version: 5.x, 6.x
- Date: 2008-September-17
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting, Node access bypass
Source: Drupal Security Announcements
September 4, 2008
14:43
- Advisory ID: DRUPAL-SA-2008-048-b
- Project: CCK (third-party module)
- Version: 5.x
- Date: 2008-Sep-04
- Security risk: Not critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
August 13, 2008
18:27
- Advisory ID: DRUPAL-SA-2008-047
- Project: Drupal core
- Version: 5.x, 6.x
- Date: 2008-August-13
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
Source: Drupal Security Announcements
July 23, 2008
14:58
- Advisory ID: DRUPAL-SA-2008-046
- Project: Drupal core
- Version: 5.x
- Date: 2008-July-23
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Session fixation
Source: Drupal Security Announcements
July 9, 2008
17:08
- Advisory ID: DRUPAL-SA-2008-045
- Project: OpenID (third-party module)
- Version: 5.x
- Date: 2008-July-9
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting, Cross site request forgeries
Source: Drupal Security Announcements
16:24
- Advisory ID: DRUPAL-SA-2008-044
- Project: Drupal core
- Version: 5x, 6.x
- Date: 2008-July-9
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
Source: Drupal Security Announcements
July 2, 2008
15:56
- Advisory ID: DRUPAL-SA-2008-043
- Project: Outline designer (third-party module)
- Version: 5.x
- Date: 2008-July-2
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Privilege escalation
Source: Drupal Security Announcements
15:51
- Advisory ID: DRUPAL-SA-2008-042
- Project: Tinytax taxonomy block (third-party module)
- Version: 5.x
- Date: 2008-July-2
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
15:48
- Advisory ID: DRUPAL-SA-2008-041
- Project: Taxonomy autotagger (third-party module)
- Version: 5.x
- Date: 2008-July-2
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting and SQL injection
Source: Drupal Security Announcements
15:42
- Advisory ID: DRUPAL-SA-2008-040
- Project: Organic Groups (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-July-02
- Security risk: Less Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting and information disclosure
Source: Drupal Security Announcements