Güvenlik Uyarıları

İçeriği paylaş
This list is for security announcements sent out be the Drupal security team.
Güncellendi: 46 dakika 32 saniye önce

SA-2008-069 - CCK for 5.x and 6.x - XSS vulnerabilities

Çar, 2008-11-05 20:51
  • Advisory ID: DRUPAL-SA-2008-069
  • Project: Content Construction Kit (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2008-November-5
  • Security risk: Minor
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

read more

Kategoriler: Drupal

SA-2008-068 - Localization client and Localization server - Cross site request forgery

Çar, 2008-10-22 22:34
  • Advisory ID: DRUPAL-SA-2008-068
  • Project: Localization client and Localization server (third-party modules)
  • Versions: 5.x, 6.x
  • Date: 2008-October-22
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery

read more

Kategoriler: Drupal

SA-2008-067 - Drupal core - Multiple vulnerabilities

Çar, 2008-10-22 21:06
  • Advisory ID: DRUPAL-SA-2008-067
  • Project: Drupal core
  • Versions: 5.x and 6.x
  • Date: 2008-October-22
  • Security risk: Less Critical
  • Exploitable from: Local/Remote
  • Vulnerability: Multiple vulnerabilities

read more

Kategoriler: Drupal

SA-2008-066 - Shindig-Integrator - Multiple vulnerabilities

Çar, 2008-10-15 21:02
  • Advisory ID: DRUPAL-SA-2008-066
  • Project: Shindig-Integrator (third-party module)
  • Versions: 5.x
  • Date: 2008-October-15
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

read more

Kategoriler: Drupal

SA-2008-065 - Node Clone - Access bypass

Çar, 2008-10-15 20:27
  • Advisory ID: DRUPAL-SA-2008-065
  • Project: Node Clone (third-party module)
  • Version: 6.x, and 5.x.
  • Date: 2008-October-15
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

read more

Kategoriler: Drupal

SA-2008-064 - Node Vote - SQL injection vulnerability

Çar, 2008-10-15 18:46
  • Advisory ID: DRUPAL-SA-2008-064
  • Project: Node Vote (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-October-15
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection

read more

Kategoriler: Drupal

SA-2008-063 - multiple third party modules - Access bypass due to incorrect Drupal 6 updates

Per, 2008-10-09 21:41
  • Advisory ID: DRUPAL-SA-2008-063
  • Project: Several Third-Party Modules incorrectly updated for the Drupal 6 menu system
  • Version: 6.x
  • Date: 2008-October-8
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

read more

Kategoriler: Drupal

SA-2008-063 - multiple third party modules - Access bypass due to incorrect Drupal 6 updates

Per, 2008-10-09 16:49
  • Advisory ID: DRUPAL-SA-2008-063
  • Project: Several Third-Party Modules incorrectly updated for the Drupal 6 menu system
  • Version: 6.x
  • Date: 2008-October-8
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

read more

Kategoriler: Drupal

SA-2008-062 - SIOC - access bypass

Çar, 2008-10-08 23:47
  • Advisory ID: DRUPAL-SA-2008-062
  • Project: SIOC (third-party module)
  • Versions: 5.x and 6.x
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

read more

Kategoriler: Drupal

SA-2008-061 - Everyblog - Multiple vulnerabilities

Çar, 2008-10-08 23:45
  • Advisory ID: DRUPAL-SA-2008-061
  • Project: EveryBlog (third-party module)
  • Versions: 5.x and 6.x
  • Date: 2008-October-08
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability:SQL injection, Cross-site scripting (XSS), Privilege escalation, access bypass

read more

Kategoriler: Drupal

SA-2008-060 - Drupal core - Multiple vulnerabilities

Çar, 2008-10-08 23:43
  • Advisory ID: DRUPAL-SA-2008-060
  • Project: Drupal core
  • Versions: 5.x and 6.x
  • Date: 2008-October-8
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

read more

Kategoriler: Drupal

SA-2008-063 - multiple third party modules - Access bypass due to incorrect Drupal 6 updates

Çar, 2008-10-08 23:28
  • Advisory ID: DRUPAL-SA-2008-063
  • Project: Several Third-Party Modules incorrectly updated for the Drupal 6 menu system
  • Version: 6.x
  • Date: 2008-October-8
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

read more

Kategoriler: Drupal

SA-2008-059 - Brilliant Gallery - SQL Injection and Cross Site Scripting

Çar, 2008-10-01 22:24
  • Advisory ID: DRUPAL-SA-2008-059
  • Project: Brilliant Gallery (third-party module)
  • Versions: 5.x
  • Date: 2008-October-1
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection and Cross Site Scripting

read more

Kategoriler: Drupal

SA-2008-058 - Brilliant Gallery - SQL Injection

Per, 2008-09-25 00:42
  • Advisory ID: DRUPAL-SA-2008-058
  • Project: Brilliant Gallery (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2008-September-25
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection

read more

Kategoriler: Drupal

SA-2008-057 - Ajax Checklist - Multiple vulnerabilities

Çar, 2008-09-24 21:48
  • Advisory ID: DRUPAL-SA-2008-057
  • Project: Ajax Checklist (third-party module)
  • Versions: 5.x
  • Date: 2008-September-24
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL injection, Cross site scripting

read more

Kategoriler: Drupal

SA-2008-056 - Simplenews - Cross site scripting

Çar, 2008-09-24 20:58
  • Advisory ID: DRUPAL-SA-2008-056
  • Project: Simplenews (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2008-September-24
  • Security risk: Not Critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

read more

Kategoriler: Drupal

SA-2008-055 - Stock - Cross site scripting

Çar, 2008-09-24 20:13
  • Advisory ID: DRUPAL-SA-2008-055
  • Project: Stock (third-party module)
  • Versions: 6.x
  • Date: 2008-September-24
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

read more

Kategoriler: Drupal

SA-2008-054 - Plugin Manager - Access bypass

Çar, 2008-09-24 18:54
  • Advisory ID: DRUPAL-SA-2008-054
  • Project: Plugin Manager (third-party module)
  • Versions: 6.x
  • Date: 2008-September-24
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

read more

Kategoriler: Drupal

SA-2008-053 - Answers - Cross site scripting

Per, 2008-09-18 15:31
  • Advisory ID: DRUPAL-SA-2008-053
  • Project: Answers (third-party module)
  • Versions: 5.x
  • Date: 2008-September-18
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

read more

Kategoriler: Drupal

SA-2008-052 - Link To Us - Cross site scripting

Çar, 2008-09-17 21:13
  • Advisory ID: DRUPAL-SA-2008-052
  • Project: Link To Us (third-party module)
  • Versions: 5.x
  • Date: 2008-September-17
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

read more

Kategoriler: Drupal