120 matches found
EUVD-2010-3670
Malware in sbrugna...
EUVD-2008-4578
Malware in sbrugna...
EUVD-2009-1839
Malware in sbrugna...
EUVD-2008-4319
Malware in sbrugna...
EUVD-2008-0285
Malware in sbrugna...
EUVD-2010-3669
Malware in sbrugna...
EUVD-2007-5573
Malware in sbrugna...
EUVD-2009-0606
Malware in sbrugna...
EUVD-2007-6265
Malware in sbrugna...
EUVD-2008-2765
Malware in sbrugna...
CVE-2010-2472
CVE-2010-2472 affects Drupal 6.x < 6.16 and 5.x
[SECURITY] Fedora 21 Update: drupal6-cck-2.10-1.fc21
The Content Construction Kit allows you to add custom fields to custom content types using a web interface. In Drupal 5.x, custom content types can be created in Drupal core, and the Content Construction Kit allows you to add custom fields to any content type. In Drupal 7 and later, most of the...
[SECURITY] Fedora 18 Update: drupal7-rules-2.3-1.fc18
The rules modules allows site administrators to define conditionally execut ed actions based on occurring events known as reactive or ECA rules. It's a replacement with more features for the trigger module in core and the successor of the Drupal 5 workflow-ng module...
[SECURITY] Fedora 17 Update: drupal7-rules-2.3-1.fc17
The rules modules allows site administrators to define conditionally execut ed actions based on occurring events known as reactive or ECA rules. It's a replacement with more features for the trigger module in core and the successor of the Drupal 5 workflow-ng module...
SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities
This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the users database column but does not replace the pass attribute of the account object used for password reset links. This leads to a vulnerability...
SA-CONTRIB-2010-113 - Image - Cross Site Scripting
The Image module project contains supplemental modules, one of which, Image gallery, allows users to create and maintain galleries of image nodes using taxonomy terms. The Image gallery module does not sanitize some user-supplied data before displaying it, leading to a Cross Site Scripting XSS...
SA-CONTRIB-2010-100 - Ubuntu Drupal Theme - Directory traversal and information disclosure
This Ubuntu Drupal Theme - Brown is designed to mimic the old ubuntu.com. The theme used a PHP file to generate a gradient image on the fly. User input from the URL is not properly validated in this PHP code, leading to a directory traversal vulnerability where the contents of any file readable b...
SA-CONTRIB-2010-094 - Embedded Media Field - Access bypass
The Embedded Media Field project is a set of modules that enable editors to post URL's and embed codes for third party media providers such as YouTube, Vimeo, or Flickr, which will be automatically parsed and displayed using preset formatters. The Embedded Video Field module packaged with the...
SA-CONTRIB-2010-095 - Lightbox2 - Multiple Vulnerabilities
The Lightbox2 module enables images to be overlaid on the current page using JavaScript. The module displays images above the page instead of within it, freeing the page design from layout constraints and keeping users on the same page. The module does not sanitize some of the user supplied data...
SA-CONTRIB-2010-085 - Pathauto - Cross Site Scripting
The Pathauto module automatically generates path aliases for various kinds of content nodes, categories, users without requiring the user to manually specify the path alias. It also provides additional tokens that can be used in URL alias patterns and anywhere else that the Token API is used. The...