HomeNews aggregatorSources

Drupal contributed security feed

Syndicate content
URL: http://drupal.org/security/contrib
Updated: 5 hours 3 min ago

SA-CONTRIB-2010-078 - Kaltura - Information disclosure

Wed, 07/28/2010 - 17:38
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-078
  • Project: Kaltura (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2010-July-28
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Information disclosure

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-077 - Sage Pay (former Protx) Direct Payment Gateway for Ubercart - Information Disclosure

Wed, 07/28/2010 - 12:25
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-077
  • Project: Sage Pay Direct Payment Gateway for Ubercart (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-July-28
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-076 - Dashboard - Cross Site Scripting (CSS)

Wed, 07/28/2010 - 11:11
  • Advisory ID: SA-CONTRIB-2010-076
  • Project: Dashboard (third-party module)
  • Version: 6.x
  • Date: 2010-July-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

read more

Categories: Drupal, Security updates

SA-CONTRIB 2010-075 - Tagging - Cross Site Scripting

Wed, 07/21/2010 - 13:03
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-075
  • Project: Tagging (third-party module)
  • Version: 6.x
  • Date: 2010-July 21
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-074 - Drupad - Cross-site request forgery

Wed, 07/14/2010 - 15:46
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-074
  • Projects: Drupad (third-party module)
  • Version: 6.x
  • Date: 2010-07-14
  • Security risks: Critical
  • Exploitable from: Remote
  • Vulnerability: CSRF

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-073 - Multiple Vulnerabilities In Multiple Contributed Modules

Wed, 07/14/2010 - 15:27
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-073
  • Projects: Multiple third party modules - Simple Gallery, OG Menu, Tell A Friend Node, JsMath For Displaying Mathematics With TeX
  • Version: 5.x, 6.x
  • Date: 2010-July-14
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple (Cross Site Scripting, Email Header Injection)

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-072: Hierarchical Select - Cross Site Scripting

Wed, 07/07/2010 - 11:38
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-0XX
  • Project: Hierarchical Select (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-July-07
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-071 - MultiSafepay Integration - Cross Site Request Forgery

Wed, 07/07/2010 - 10:53
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-071
  • Project: MultiSafepay Integration (third-party module)
  • Version: 6.x
  • Date: 2010-July-07
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Request Forgery

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-070 - Multiple vulnerabilities in multiple contributed modules

Wed, 06/23/2010 - 15:48
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-070
  • Projects: Multiple third party modules - Easy Translator, Block Queue, Multiple Image Upload (Imagex)
  • Version: 5.x, 6.x
  • Date: 2010-06-23
  • Security risks: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple (SQL Injection, CSRF, Access bypass)

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-069 - Case Tracker - Multiple Vulnerabilities

Wed, 06/23/2010 - 13:05
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-069
  • Project: Case Tracker (third-party module)
  • Version: 5.x
  • Date: 2010-June-23
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple Vulnerabilities

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-068 - Masquerade - Cross Site Request Forgery

Wed, 06/23/2010 - 12:26
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-068
  • Project: Masquerade (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-June-23
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Request Forgery

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-067 - Views - Multiple vulnerabilities

Wed, 06/16/2010 - 21:59
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-067
  • Project: Views (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-June-16
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-066 - FileField - Cross Site Scripting

Wed, 06/16/2010 - 20:44
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-066
  • Project: FileField (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-June-16
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-065 - Content Construction Kit (CCK) - Access Bypass

Wed, 06/16/2010 - 15:32
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-065
  • Project: Content Construction Kit (CCK) (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-June-16
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass

read more

Categories: Drupal, Security updates

SA-CONTRIB-2010-064 - Ubercart MIGS Payment Gateway - Web Parameter Tampering

Wed, 06/16/2010 - 14:48
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-064
  • Project: Ubercart MIGS Payment Gateway (third-party module)
  • Versions: 6.x
  • Date: 2010-Jun-16
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Web Parameter Tampering
Categories: Drupal, Security updates

SA-CONTRIB-2010-063 - Studio theme pack - Cross Site Scripting

Wed, 06/16/2010 - 13:06
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-063
  • Project: Studio theme pack (third-party theme)
  • Version: 6.x
  • Date: 2010-June-16
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal, Security updates

SA-CONTRIB-2010-062 - Ogone | Ubercart payment - Access Bypass

Wed, 06/16/2010 - 13:05
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-062
  • Project: Ogone | Ubercart payment (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-June-16
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass
Categories: Drupal, Security updates

SA-CONTRIB-2010-061 - AddonChat - Multiple Vulnerabilities

Wed, 05/26/2010 - 15:14
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-061
  • Project: AddonChat (third-party module)
  • Version: 6.x-1.x
  • Date: 2010-May-26
  • Security risk: Highly Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple (Privilege Escalation, Cross-site scripting)
Categories: Drupal, Security updates

SA-CONTRIB-2010-060 - Scheduler - Cross Site Scripting

Wed, 05/26/2010 - 14:27
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-060
  • Project: Scheduler (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-May-26
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal, Security updates

SA-CONTRIB-2010-059: Panels - Arbitrary PHP code execution

Wed, 05/19/2010 - 21:37
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-059
  • Project: Panels (third-party module)
  • Versions: 6.x
  • Date: 2010 May 19
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary PHP code execution
Categories: Drupal, Security updates
123next ›last »