Drupal

Custom Tokens - Critical - Arbitrary PHP code execution - SA-CONTRIB-2018-041

Project: Custom Tokens
Date: 2018-June-13
Security risk: *Critical* 16∕25
Vulnerability: Arbitrary PHP code execution

Description

The Custom Tokens module enables you to create custom tokens for specific
replacements that can improve other modules relying on the token API.

The module doesn't sufficiently identify that its custom permissions are
risky and should only be granted to highly trusted roles.

Mollom - Critical - Unsupported - SA-CONTRIB-2018-038

Project: Mollom
Date: 2018-June-06
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

The security team is marking this project unsupported. There is a known
security issue with the project that has not been fixed by the maintainer. If
you would like to maintain this project, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported projects critical by default.

AdTego SiteIntel - AdBlocker Detect - Critical - Unsupported - SA-CONTRIB-2018-039

Project: AdTego SiteIntel - AdBlocker Detect
Date: 2018-June-06
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

The security team is marking this project unsupported. There is a known
security issue with the project that has not been fixed by the maintainer. If
you would like to maintain this project, please read:
https://www.drupal.org/node/251466.

Entity Delete - Critical - Multiple Vulnerabilities - SA-CONTRIB-2018-040

Project: Entity Delete
Date: 2018-June-06
Security risk: *Critical* 18∕25
Vulnerability: Multiple Vulnerabilities

Description

 
This module enables you to delete any types of entities in bulk.

The module doesn't sufficiently verify access permissions under its use
cases, leading to access bypass. The module also does not protect against
Cross Site Request Forgeries on its delete process.

Zircon - Critical - Unsupported - SA-CONTRIB-2018-037

Project: Zircon
Date: 2018-May-23
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

The security team is marking this module unsupported. There is a known
security issue with the module that has not been fixed by the maintainer. If
you would like to maintain this module, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported modules critical by default.

TB Nucleus - Critical - Unsupported - SA-CONTRIB-2018-031

Project: TB Nucleus
Date: 2018-May-23
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

The security team is marking this module unsupported. There is a known
security issue with the module that has not been fixed by the maintainer. If
you would like to maintain this module, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported modules critical by default.

Baidu Analytics - Critical - Unsupported - SA-CONTRIB-2018-029

Project: Baidu Analytics
Date: 2018-May-23
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

The security team is marking this module unsupported. There is a known
security issue with the module that has not been fixed by the maintainer. If
you would like to maintain this module, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported modules critical by default.

iShopping - Critical - Unsupported - SA-CONTRIB-2018-033

Project: iShopping
Date: 2018-May-23
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

The security team is marking this module unsupported. There is a known
security issue with the module that has not been fixed by the maintainer. If
you would like to maintain this module, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported modules critical by default.

Hotel - Critical - Unsupported - SA-CONTRIB-2018-034

Project: Hotel
Date: 2018-May-23
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

 
The security team is marking this module unsupported. There is a known
security issue with the module that has not been fixed by the maintainer. If
you would like to maintain this module, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported modules critical by default.

Education - Critical - Unsupported - SA-CONTRIB-2018-036

Project: Education
Date: 2018-May-23
Security risk: *Critical* 15∕25
Vulnerability: Unsupported

Description

The security team is marking this module unsupported. There is a known
security issue with the module that has not been fixed by the maintainer. If
you would like to maintain this module, please read:
https://www.drupal.org/node/251466.

The security team marks all unsupported modules critical by default.

Pages

Subscribe to Drupal