Maodweb's blog

Content Blocker

Content Blocker enables users to block the content they see according to various parameters. Current implementations are for blocking by user and blocking by leech feed. So like on some social networking sites, users can say "I don't want to see any content by User X."
Logged in users with appropriate...

read more

Content Recommendation Engine

This module makes use of Votingapi and the Similarity modules to generate recommended nodes to users. To render the generated recommendations it makes use of Views 2 integration.
all development on 5.x branch has halted. This was decided because it is broken and I have made a considerably more flexible...

read more

Content Moderator

This module allows you to give a "moderate nodes" permission to a user role. Users with this permission may see a list of content (restricted using the node access table via db_rewrite_sql so they cannot see content they are normally prohibited) at /admin/content_moderator. Within this list they can...

read more

Conference Organizing

This module makes it easy to organize conferences through your website. It is intended to only be used on sites installed with the Conference Organizing Distribution and utilizing the Conference Organizing Theme.

Project Information

Module categories: Event
Maintenance status:...

read more

Connect

Connect allows you to easily create very flexible petitions and email or fax campaigns using CCK.
The connect module more generally lets you link 'parent' nodes to 'participant' nodes, and allows the definition of actions to be taken when participant nodes are created, including sending emails to defined...

read more

SA-2008-018 - Drupal core - Cross site scripting

  • Advisory ID: DRUPAL-SA-2008-018
  • Project: Drupal core
  • Version: 6.0
  • Date: 2008-February-27
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple cross site scripting vulnerabilities

SA-2008-007 - Drupal core - Cross site scripting (register_globals)

  • Advisory ID: DRUPAL-SA-2008-007
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2008-January-10
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting when register_globals is enabled.

SA-2008-006 - Drupal core - Cross site scripting (UTF8)

  • Advisory ID: DRUPAL-SA-2008-006
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2008-January-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2008-005 - Drupal core - Cross site request forgery

  • Advisory ID: DRUPAL-SA-2008-005
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2008-January-10
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery

SA-2007-031 - Drupal core - SQL Injection possible when certain contributed modules are enabled

  • Advisory ID: DRUPAL-SA-2007-031
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2007-December-05
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: SQL Injection

SA-2007-030 - Drupal Core - API handling of unpublished comment.

  • Advisory ID: DRUPAL-SA-2007-030
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2007-October-17
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-2007-029 - Drupal core - User deletion cross site request forgery

  • Advisory ID: DRUPAL-SA-2007-029
  • Project: Drupal core
  • Version: 5.x
  • Date: 2007-October-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery

SA-2007-026 - Drupal Core - Cross site scripting via uploads

  • Advisory ID: DRUPAL-SA-2007-026
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2007-October-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting

SA-2007-025 - Drupal core - Arbitrary code execution via installer.

  • Advisory ID: DRUPAL-SA-2007-025
  • Project: Drupal core
  • Version: 5.x
  • Date: 2007-October-17
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution

SA-2007-024 - Drupal Core - HTTP response splitting

  • Advisory ID: DRUPAL-SA-2007-024
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2007-October-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: HTTP response splitting

Drupal core - Multiple cross site scripting vulnerabilities

  • Advisory ID: DRUPAL-SA-2007-018
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2007-July-26
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple cross site scripting vulnerabilities

Drupal core - Cross site request forgeries

  • Advisory ID: DRUPAL-SA-2007-017
  • Project: Drupal core
  • Version: 5.x
  • Date: 2007-July-26
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple cross site request forgeries

DRUPAL-SA-2007-005 - Drupal core - Arbitrary code execution

  • Advisory ID: DRUPAL-SA-2007-005
  • Project: Drupal core
  • Version: 4.7.x, 5.x
  • Date: 2007-Jan-29
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution

Drupal core - Denial of service

  • Advisory ID: DRUPAL-SA-2007-002.
  • Project: Drupal Core.
  • Version: 4.6, 4.7
  • Date: 2007-Jan-05.
  • Security risk: Less critical.
  • Exploitable from: Remote.
  • Vulnerability: Denial of service.

Drupal core - Cross site scripting

  • Advisory ID: DRUPAL-SA-2007-001.
  • Project: Drupal Core.
  • Version: 4.6, 4.7.
  • Date: 2007-Jan-05.
  • Security risk: Less critical.
  • Exploitable from: Remote.
  • Vulnerability: Cross site scripting.

Pages