Drupal version 6.22 with Hotblocks 6.x suffers from cross site scripting and denial of service vulnerabilities. Proof of concept information included.
17fd7caf06fdac8c5a9e14bc764b6c00c9303d84f1395974dc92767ed9a8a7f2Secunia Security Advisory - Justin C. Klein Keane has reported two vulnerabilities in the HotBlocks module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and cause a DoS (Denial of Service).
fd66d289c29962cfb58bf6dff524d5a580cb93c94046532983e4247cd4e04963Secunia Security Advisory - A vulnerability has been reported in the Elegant theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
d2854560cddfa61cfe86ceecb80c48718450d1c7f41c5dd9b2a5bee6ad23de4bSecunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Custom Publishing Options module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
cc35b5266f1d0b8ceb2030857739c796b62542e3b08fdf9ae6beacedabc27687Drupal version 6.22 with Custom Publishing Options version 6.x-1.4 suffers from a cross site scripting vulnerability. Proof of concept information included.
48dd91f8b89ca979ca8e11af83723a4ee087f9e15fcaa581b8d6f6470708cf67Drupal Elegant Theme third party module version 7.x suffers from a cross site scripting vulnerability.
5cd009a2b5bb39d8473e502fc09119a2302b0d2363ca9167442d0a9f58ad5ea2Drupal Custom Publishing Options third party module version 6.x suffers from a cross site scripting vulnerability.
5c0dec500b232cd3c340e97fe90d0022a5f7a7cae9406845e963e1c4492c9de0Drupal Hotblocks third party module version 6.x suffers from cross site scripting and denial of service vulnerabilities.
3a4741a9e059e7fcb96a3197a8a6b543be251afe504d362ea481cb4229600a6bSecunia Security Advisory - A vulnerability has been reported in the Better Revisions module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
f62062aede512bc747cdd5d29b74e01315eac8fffe61038b2bbc21406cf8c3c7Secunia Security Advisory - A vulnerability has been reported in the Shorten URLs module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
76acf0912fd1bef511287486226dc7a54eae854d0dfaacb2cde4ba270633690fSecunia Security Advisory - A security issue has been reported in the Mime Mail module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
7dffba5850295137080314ec6ac3e23bd96a2335cdae30f3320024c3e23aecd4Drupal Mime Mail third party module version 6.x suffers from an access bypass vulnerability.
b0a039f3f8e50612edc18654e3f08fa0768e7cce033393312917b22dddb2ce6fDrupal Shibboleth Authentication third party module version 6.x suffers from an access bypass vulnerability.
e56e802811cdc559b6dff8457f24a6cff5246f7478e4aea1adf2290a3508efecDrupal Better Revisions third party module version 7.x suffers from a cross site scripting vulnerability.
706f0cf2a00a465418ab1fd8ca4abfcb890a16db89f027f30d26c3c20d1b13acSecunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information.
a8db0f30b9271f122f48329f760cb003e0fa1324a73e9ab0ac9e0d5b7ffcb8a1Drupal Short URLs third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
2338b653ebbdca2d0e36655118d648626d3e1f46b55c30aef10e28f14326d139Drupal Chaos Tool Suite (ctools) third party module versions 6.x and 7.x suffer from cross site scripting and local file inclusion vulnerabilities.
12064a3019b369f44e0d7a14cf85b3ca9fa4586cade8f60da291fa6cfddc03aeSecunia Security Advisory - A vulnerability has been reported in the Monthly Archive by Node Type module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
240c417eae8f8df460a723b3346ab0592c616bf6906706bd353050ffd996a085Drupal Monthly Archive by Node Type third party module version 6.x suffers from an access bypass vulnerability.
a79eeee9dc57aac9081d2e2b553550f784828338a30d7390d676b3e0348724ceDrupal Excluded Users third party module version 6.x suffers from a cross site scripting vulnerability.
addd9040d9804b20bf2747a593ea90f8844b40a9c062b5c35e5ae9abefa9508cSecunia Security Advisory - A vulnerability has been reported in the Gallery formatter module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
366d337e0ad32e051d0bb63ab0c798ca65a376bf2fe4026d9fe405b11437c01eSecunia Security Advisory - A security issue has been reported in the Subuser module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
a37a24176ef8c0c54929099f668e4e78d448b30350f5718de62049afc104ff0dSecunia Security Advisory - A security issue has been reported in the Location module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
454541b7a58fc771d7673b623827bb759fe2c702b466c14b246f379f5aa68b04Secunia Security Advisory - A weakness has been reported in the Secure Login module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.
6a5dcea1138907bac81b8d38c6dc8b0ace4938837cf2debd399056437fb8f8f0Drupal Subuser third party module version 6.x suffers from access bypass and cross site request forgery vulnerabilities.
f1e7353947ba5d34aebd66e41a93861e0be79700e5fc6ab0bdea97b13c264eb9Drupal Location third party module versions 6.x and 7.x suffer from an access bypass vulnerability.
32e857f20d34d7a34a7f4fb7806d0de7e4b43d13c188388880debffda623191b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed