what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 26 - 28 of 28

Files Date: 2005-12-03 to 2005-12-04

DRUPAL-SA-2005-009.txt

Posted Dec 3, 2005

Authored by Uwe Hermann | Site hermann-uwe.de

Drupal versions 4.6.0 through 4.6.3 suffer from an authentication bypass flaw when using PHP5.

tags | advisory

SHA-256 | 7a3173d83565d75a35fe66ad58972f59aa52440ff343ed08cf689d5678f0cbb5

Download | Favorite | View

DRUPAL-SA-2005-008.txt

Posted Dec 3, 2005

Authored by Uwe Hermann | Site hermann-uwe.de

Drupal versions 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 suffer a script injection flaw via attached files.

tags | advisory

SHA-256 | 35ec66097d4c6335e28d0d8461f7643c24bda8158fd7cf7483a3784f08d8f0d4

Download | Favorite | View

DRUPAL-SA-2005-007.txt

Posted Dec 3, 2005

Authored by Uwe Hermann | Site hermann-uwe.de

Drupal versions 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 suffer from cross site scripting flaws due to various quirks in interpretation of non-sensical attribute values.

tags | advisory, xss

SHA-256 | 38da2e32558d5e0702a8afa7f1fe5a808d08bed9886b36688f6b45d007ac9ff7

Download | Favorite | View