• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Drupal Multiple Modules Security Bypass Vulnerabilities

Multiple Drupal Modules are prone to security-bypass vulnerabilities that may allow attackers to gain access to administrative or sensitive areas of the application without the appropriate privileges.

These issues affect versions prior to the following:

Live module 6.x-1.0
AJAX Picture Preview module 6.x-1.2
Admin:hover module 6.x-1.x-dev before 2008-Oct-08
Banner Rotor Module 6.x-1.3
Creative Commons Lite 6.x-1.1
Keyboard shortcut utilty 6.x-1.1
LiveJournal CrossPoster 6.x-1.4
Taxonomy import/export via XML 6.x-1.2
User Referral 6.x-1.x-dev before 2008-Oct-08