1940 matches found
SA-CONTRIB-2011-054 - CKEditor - Access bypass
The CKEditor module allows Drupal to replace textarea fields with the CKEditor - a visual HTML editor, sometimes called WYSIWYG editor. The module doesn't protect private files appropriately. Private files can downloaded by anyone able to guess their URL. CVE identifiers issued CVE-2011-4972...
SA-CONTRIB-2011-055 - Webform CiviCRM Integration - Multiple vulnerabilities
The Webform CiviCRM Integration module extends the functionality of the Webform Module to link form submissions with a CiviCRM database. Version 2.0 of the module added form validation based on CiviCRM data type. A flaw in the implementation of this feature caused other validation handlers to fai...
SA-CONTRIB-2011-053 - Quiz - Cross Site Scripting
Quiz module allows the creation and taking of tests that are scored either automatically or manually by a teacher. The module contains several cross site scripting XSS vulnerabilities that can be exploited when quizzes are being created. These vulnerabilities are mitigated by the fact that an...
SA-CONTRIB-2011-052 - Views SQL Injection
The Views module enables you to list content in your site in various ways. The module doesn't sufficiently escape database parameters for certain filters/arguments on certain types of views with specific configurations of arguments. Versions affected Views 6.x-2.x versions prior to 6.x-2.13 Drupa...
SA-CONTRIB-2011-051 - Hotblocks module - multiple vulnerabilities
The HotBlocks module provides a rich experience for managing blocks. The module contained multiple vulnerabilities including Cross Site Scripting XSS, Access Bypass, and Cross Site Request Forgery CSRF. XSS is mitigated by the fact that an attacker must have a role with the permission "administer...
SA-CONTRIB-2011-050 - Organic groups - Access bypass
Organic groups OG enables users to create and manage their own 'groups'. Each group can have subscribers, and maintains a group home page where subscribers communicate amongst themselves. OG has an API function to check access to an entity which is in a group "context". When the entity isn't in a...
SA-CONTRIB-2011-049 - Cumulus - Cross Site Scripting (XSS)
The Cumulus module allows you to display your site's tags using a 3D Flash animation. The module ships with a Flash file cumulus.swf that contains a cross site scripting XSS vulnerability that can be exploited when a user is made to view a specially crafted URL. If the user is logged in to an...
SA-CONTRIB-2011-048 - Certificate Login SQL Injection
The Certificate login module provides client certificate authentication of Drupal users. The authentication is based on the client certificate's data fields, which are then used as the user name for authentication. The obtained data isn't properly sanitized using Drupal's database API, which may...
SA-CONTRIB-2011-043 - Petition Node - Cross Site Scripting
Petition node module allows the creation of petition nodes to collect signatures to show support for a cause. The module contains a cross site scripting XSS vulnerability that can be exploited when signing a petition. This vulnerability is mitigated by the fact that it normally requires the 'sign...
SA-CONTRIB-2011-044 - Homebox for Organic Groups Cross Site Scripting
Homebox allows site administrators to create dashboards for their users, using blocks as widgets. Blocks in a Homebox page are resizeable, and reorderable by dragging. Homebox OG is a submodule of Homebox which allows Organics Groups administrators to specify a Homebox to be used as the group...
SA-CONTRIB-2011-045 - Rate module Cross Site Scripting
The Rate module provides flexible rate widgets. These widgets are refreshed via AJAX after voting. The AJAX callback does not correctly handle certain arguments obtained from the URL. By enticing a suitably privileged user to visit a specially crafted URL, a malicious user is able to insert...
SA-CONTRIB-2011-047 - OG Features access bypass
OG Features provides a mechanism for groups to enable or disable certain bundles of functionality, of features, within the groups they administer. The module is able to turn components on and off within given groups by overriding the access callbacks of every menu item, and checking conditions...
SA-CONTRIB-2011-046 - Echo - Multiple Vulnerabilities
The Echo module generates a fully-themed Drupal page, returning the rendered page as a text string and allowing other modules to style an HTML message as if it had been generated by the live website. The module does not properly sanitize user-supplied content, resulting in a Cross-Site Scripting...
SA-CONTRIB-2011-042 Views Bulk Operations - Cross Site Scripting
The Views Bulk Operations VBO module allows actions and rules to be run on the selected views rows nodes, terms, user, etc. It also bundles several convenient actions. One of those actions allows the bulk modification of taxonomy terms on a node. When using the "Modify node taxonomy terms" action...
SA-CONTRIB-2011-041 - Hostmaster (Aegir) - Cross Site Scripting
Hostmaster Aegir provides a system for managing Drupal sites. The theme in Hostmaster, Eldir, does not sanitize the custom body classes correctly leading to a cross site scripting XSS vulnerability that can be exploited when a user is made to view a specially crafted URL. If the user is logged in...
SA-CONTRIB-2011-040 Author Pane access bypass
The Author Pane module provides information about users on a site. This module has integration with several other modules including the user locations of the Location module. If you enabled display of user locations the Author Pane module may have shown user locations to site visitors who did not...
SA-CONTRIB-2011-039 - Bot Alarm - Multiple vulnerabilities
This module enables you to set alarms for your IRC bot. The module does not properly escape the message and channels of alarms in pages listing the alarms, leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...
SA-CONTRIB-2011-038 - Taxonomy Views Integrator - Cross Site Scripting
This module enables you to override whole vocabularies or individual terms with the View of your choice. The module did not filter user entered term descriptions for Cross Site Scripting XSS injections. This vulnerability is mitigated by the fact that an attacker must have a role with the...
SA-CONTRIB-2011-037- Node Invite - Cross Site Scripting
The Node Invite module allows you to invite users with existing accounts or otherwise to specified nodes on a Drupal site. This module does not properly use t strings to ensure all text was sanitized when data was output through a formseterror message, thus creating a Cross Site Scripting XSS...
SA-CONTRIB-2011-035 Forward module - Open redirect
The Forward module enables you to add a "forward this page" link to each node. The link takes regular site visitors to a form where they can generate an email to a friend. The module doesn't check to ensure that the page being forwarded refers to an internal path. This could allow someone to hard...
SA-CONTRIB-2011-036 - Addresses - Cross Site Scripting
This module enables you to link your users and contents to physical addresses. The module doesn't sufficiently filter output when displaying an address. This vulnerability is mitigated by the fact that the module doesn't use the single line display by default, an administrator has to enable that...
SA-CONTRIB-2011-034 - Display Suite - Cross Site Scripting
Display Suite allows you to take full control over how your content is displayed using a drag and drop interface. Arrange your nodes, views, comments, user data etc. the way you want without having to work your way through dozens of template files. In certain situations, Display Suite does not...
SA-CONTRIB-2011-033 - iWebkit - Cross Site Scripting
iWebKit is a web toolkit designed to create iPhone and iPod touch compatible websites and webapps. iWebkit does not properly sanitize menu links when displayed, allowing a malicious user to embed scripts in menu items, thus creating a cross site scripting XSS vulnerability that may lead to an...
SA-CONTRIB-2011-032 - Mail Logger - Cross Site Scripting
The Mail Logger module logs all outgoing e-mails and provides users with the "access mail logger" permission to view logged e-mails. The module does not sanitize the log output of addressee information, subject, and body, leading to a Cross-Site Scripting XSS vulnerability that may lead to a...
SA-CORE-2011-003 - Drupal core - Access bypass
CVE: CVE-2011-2726 Access bypass in private file fields on comments. Drupal 7 contains two new features: the ability to attach File upload fields to any entity type in the system and the ability to point individual File upload fields to the private file directory. If a Drupal site is using these...
SA-CONTRIB-2011-029 - Taxonomy Filter - Cross Site Scripting
The Taxonomy Filter module enables users to filter taxonomy listings to find content tagged by multiple terms. Older versions of the module were susceptible to a Cross Site Scripting XSS attack by way of vocabulary names. The vulnerability was mitigated by the fact that an attacker must have a ro...
SA-CONTRIB-2011-031 - SunMailer - Access bypass
SunMailer Newsletter creates an email newsletter that users can subscribe to. The module includes a page where authenticated users can view and/or edit their newsletter subscription. Access to this page was accidentally granted to anonymous users, creating an access bypass that disclosed all user...
SA-CONTRIB-2011-030 - Devel - Cross Site Request Forgery
The devel module is designed as a tool to accelerate Drupal software development. One of its features enables a highly permissioned developer to quickly switch to another user's account, without providing credentials. The module is vulnerable to Cross Site Request Forgeries CSRF via the links and...
SA-CONTRIB-2011-027 -Facebook Share - Cross Site Scripting (XSS)
This module enables Drupal site administrators to add a Facebook Share button to selected content type nodes. The module doesn't sufficiently check the override text or button size input fields on the module configuration form to prevent against an XSS exploit. This vulnerability is mitigated by...
SA-CONTRIB-2011-028 - Simple Clean - Cross Site Scripting
Simple Clean is a simple and stripped clean theme for Drupal. The theme contains a cross site scripting XSS vulnerability that can be exploited when posting comments. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "post comments". Versions affect...
SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities
This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the users database column but does not replace the pass attribute of the account object used for password reset links. This leads to a vulnerability...
SA-CORE-2011-002 - Drupal core - Access bypass
CVE: CVE-2011-2687 Access bypass in node listings Listings showing nodes but not JOINing the node table show all nodes regardless of restrictions imposed by the nodeaccess system. In core, this affects the taxonomy and the forum subsystem. This issue only affects sites using a node access module...
SA-CONTRIB-2011-025 - Juitter & Download Count - Cross Site Scripting (XSS)
Two modules are being unsupported due to cross site scripting issues. The Juitter module enables you to use Juitter, a jQuery plugin, to put live Twitter search results on your site. The Juitter module contains a cross site scripting XSS vulnerability that can be exploited when setting up the...
SA-CONTRIB-2011-022 - Cosign - SQL Injection
Under certain conditions the module deletes uid 1 and then does an unparameterized dbquery to insert a new uid 1. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer site configuration" and must be able to remotely manipulate the web serve...
SA-CONTRIB-2011-023 - Prepopulate - Multiple vulnerabilities
The Prepopulate module enables pre-populating forms in Drupal using the $REQUEST vairable. The module does not adequately validate user input leading to an cross-site scripting XSS possibility in certain circumstances. Users privileged to use forms with certain form fields can insert arbitrary HT...
SA-CONTRIB-2011-024 - Spam - Cross Site Request Forgery (CSFR)
The Spam module provides numerous tools to auto-detect and deal with spam content that is posted to your site, without having to rely on third-party services. The Spam module provides a trainable Bayesian filter, automatic learning of spammer URLs, flagging of content with an excessive number of...
SA-CORE-2011-001 - Drupal core - Multiple vulnerabilities
CVE: CVE-2011-2687 Multiple vulnerabilities and weaknesses were discovered in Drupal. Reflected cross site scripting vulnerability in error handler A reflected cross site scripting vulnerability was discovered in Drupal's error handler. Drupal displays PHP errors in the messages area, and a...
SA-CONTRIB-2011-021 - Webform - Multiple Vulnerabilities
Webform module enables you to create custom webform or survey nodes. These nodes typically may be created either by editorial teams or administrators. Webform does not sufficiently check directory access when a user configures an upload field. This may allow a user to upload malicious files to th...
SA-CONTRIB-2011-020 - Taxonomy Access Control Lite (tac_lite) - Cross Site Scripting
The taclite module allows site administrators to hide nodes and taxonomy terms from users without permission to view them. The permission to view terms can be granted to a specific user, or all users with a specific role. The module doesn't sufficiently strip markup when rendering taxonomy names,...
SA-CONTRIB-2011-019 - Menu Access - Cross Site Scripting
The Menu Access module provides global, menu specific, and per menu item security permissions by role and user account. The Menu Access module contains a cross site scripting XSS vulnerability that can be exploited when a specially formatted menu description is viewed. This could result in...
SA-CONTRIB-2011-017 - Save Draft - Validation Bypass
The Save Draft module adds a "Save as draft" button to the node form, letting content creators easily save a post in unpublished draft form. The module adds validation to individual form actions, thereby bypassing any form-wide validation that is normally performed before saving content. This is ...
SA-CONTRIB-2011-018 - Node Reference URL Widget - Cross Site Scripting
The Node Reference URL Widget module adds a new widget to the Node Reference field type, allowing node reference fields to be auto-populated based on a value from the URL. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS...
SA-CONTRIB-2011-016 - Node Quick Find - Information Disclosure
The Node Quick Find module provides a block to quickly access nodes by title via an auto-completing text field. The module does not use dbrewritesql when generating the list of node titles, allowing users to see the titles of nodes to which they may not have access. Access to the node itself is n...
SA-CONTRIB-2011-015 - Translation Management - Multiple Vulnerabilities
This Translation Management module helps to manage the process of translating content on your site. The module has several vulnerabilities. It doesn't sufficiently escape user text when printed to the browser nor when used in database queries resulting in Cross Site Scripting XSS and SQL Injectio...
SA-CONTRIB-2011-014 - Webform Block - Cross Site Scripting
The Webform Block module enables users to make a webform available as a block. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability that may lead to a malicious user gaining full administrative access. The...
SA-CONTRIB-2011-013 - Tagadelic - Cross Site Scripting (XSS)
Tagadelic module offers various ways to display terms and vocabularies in a tag cloud on a page or in a block. The module does not sanitize the taxonomy vocabulary names and descriptions when displayed on listing pages or blocks, leading to a Cross-Site Scripting XSS vulnerability that may lead t...
SA-CONTRIB-2011-011 - Secure Pages - Open redirect
The Secure Pages module allows administrators to choose certain URLs that must be delivered over HTTPS. An open redirection bug allows an attacker to formulate a URL in a way that redirects the user to an arbitrarily provided URL. Versions affected Secure Pages module for Drupal 6.x versions prio...
SA-CONTRIB-2011-012 - Spaces - Access bypass
The Spaces module makes sitewide configuration options available to be overridden by individual "spaces" on a Drupal site. Spaces provides a Views module access plugin that does not properly check its permission setting which may allow underprivileged users to visit certain pages. This...
SA-CONTRIB-2011-010 - Messaging - Cross Site Scripting
The Messaging module is a Framework to allow message sending in a channel independent way. It provides a common API for message composition and sending while allowing plug-ins for multiple messaging methods. The module does not sanitize some of the user-supplied data before displaying it, leading...
SA-CONTRIB-2011-004 - Multiple Vulnerabilities In Multiple Contributed Modules
Versions affected and proposed solutions OG Forum for Drupal 6.x OG Forum creates a forum per organic group and restricts viewing forum nodes by group membership. OG Forum does not properly implement access controls on private forums it creates, which can lead to a private group's forums becoming...