Lucene search
+L

466 matches found

Tenable Nessus
Tenable Nessus
added 2011/07/18 12:0 a.m.24 views

Fedora 15 : drupal7-7.4-1.fc15 (2011-8878)

Remember to log in as user 1 prior to the RPM update, to perform the DB upgrade via http://yoursite/update.php. - Advisory ID: DRUPAL-SA-CORE-2011-002 - Project: Drupal core 1 - Version: 7.x - Date: 2011-JUNE-29 - Security risk: Highly critical 2 - Exploitable from: Remote - Vulnerability: Access...

7.5CVSS5.4AI score0.03056EPSS
Exploits0References5
Fedora
Fedora
added 2011/06/04 3:3 a.m.13 views

[SECURITY] Fedora 14 Update: drupal7-7.2-1.fc14

Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure...

2AI score
Exploits0
Drupal
Drupal
added 2011/05/25 12:0 a.m.662 views

SA-CORE-2011-001 - Drupal core - Multiple vulnerabilities

CVE: CVE-2011-2687 Multiple vulnerabilities and weaknesses were discovered in Drupal. Reflected cross site scripting vulnerability in error handler A reflected cross site scripting vulnerability was discovered in Drupal's error handler. Drupal displays PHP errors in the messages area, and a...

7.5CVSS6.1AI score0.03056EPSS
Exploits0References15
Drupal
Drupal
added 2011/05/18 12:0 a.m.13 views

SA-CONTRIB-2011-021 - Webform - Multiple Vulnerabilities

Webform module enables you to create custom webform or survey nodes. These nodes typically may be created either by editorial teams or administrators. Webform does not sufficiently check directory access when a user configures an upload field. This may allow a user to upload malicious files to th...

6.2AI score
Exploits0References13
Drupal
Drupal
added 2011/04/27 12:0 a.m.15 views

SA-CONTRIB-2011-017 - Save Draft - Validation Bypass

The Save Draft module adds a "Save as draft" button to the node form, letting content creators easily save a post in unpublished draft form. The module adds validation to individual form actions, thereby bypassing any form-wide validation that is normally performed before saving content. This is ...

7.1AI score
Exploits0References10
Drupal
Drupal
added 2011/02/02 12:0 a.m.16 views

SA-CONTRIB-2011-005 - AES encryption - Information disclosure

Due to a piece of code used for debugging mistakenly left in the release, the plain text password of the user who last logged in is written to a text file in the Drupal root directory. This file is remotely accessible, thus an attacker with the knowledge of which user last logged in may access th...

7.4AI score
Exploits0References8
Rows per page
Query Builder