12 matches found
Fedora 36 : drupal7-i18n (2022-91ce497459)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-91ce497459 advisory. - https://www.drupal.org/project/i18n/releases/7.x-1.31 - https://www.drupal.org/project/i18n/releases/7.x-1.30 -...
Fedora 31 : drupal7-ckeditor (2020-71ebbd64dc)
https://www.drupal.org/project/ckeditor/releases/7.x-1.19 - https://www.drupal.org/sa-contrib-2020-007 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as...
Frequently Asked Questions - Critical - Unsupported - SA-CONTRIB-2019-077
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...
Fedora 30 : drupal7-uuid (2019-9f613ab692)
https://www.drupal.org/project/uuid/releases/7.x-1.3 - https://www.drupal.org/sa-contrib-2019-052 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Immunity Canvas: DRUPAL_NAME_SQLI
Name| drupalnamesqli ---|--- CVE| CVE-2014-3704 Exploit Pack| CANVAS Description| Drupal injection exploit Notes| CVE Name: CVE-2014-3704 VENDOR: drupal.org Notes: This exploit replaces the password of 'Drupal User' with 'Drupal Password'. If uid is specified, 'Drupal User' is ignored...
Fedora 20 : drupal6-ctools-1.11-1.fc20 (2014-2531)
Updated to 1.11 - Release notes: https://drupal.org/node/2194547 - SA-CONTRIB-2014-013 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible withou...
Debian Security Advisory DSA 2847-1 (drupal7 - several vulnerabilities)
Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2014-1475 Christian Mainka and Vladislav Mladenov reported a vulnerability in the OpenID module that allows...
Debian Security Advisory DSA 2828-1 (drupal6 - several vulnerabilities)
Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework: vulnerabilities due to optimistic cross-site request forgery protection, insecure pseudo random number generation, code execution and incorrect security token validation. In order to avoid the...
Fedora 18 : drupal7-ctools-1.3-1.fc18 (2013-4937)
New security release. Release notes: http://drupal.org/node/1960424 SA-CONTRIB-2013-041: http://drupal.org/node/1960406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
Drupal用户只读模块安全绕过漏洞
Drupal是一款开放源码的内容管理平台。 Drupal 6.x-1.x的用户只读模块在执行某些操作时,应用错误地分配了角色,成功利用后可获取管理员权限。 0 Drupal User Read-Only Module 7.x Drupal User Read-Only Module 6.x 厂商补丁: Drupal ------ Drupal已经为此发布了一个安全公告(1840886)以及相应补丁: 1840886:SA-CONTRIB-2012-163 - User Read-Only - Permission escalation...
Fedora 13 : drupal-cck-6.x.2.8-1.fc13 (2010-15707)
Contains fix for DRUPAL-SA-CONTRIB-2010-088. http://drupal.org/node/880736 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducin...
SA-2008-054 - Plugin Manager - Access bypass
The Plugin Manager module provides the methods and graphical interfaces needed to automatically install new modules and themes from the Drupal.org website. An oversight in the menu permissions code allows any user to uninstall and remove modules installed with the Plugin Manager. This risk is onl...