Sql injection

2008-09-2405:41:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

SQL injection vulnerability in the Mailhandler module 5.x before 5.x-1.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to composing queries without using the Drupal database API.

CPENameOperatorVersion
mailhandlereq5.120.11
mailhandlereq5.120.10
mailhandlereq6.120.11
mailhandlereq<= 5.x-1.3
mailhandlereq5.0.0-x1-xdev
mailhandlereq6.0.0-x1-xdev
mailhandlereq<= 6.x-1.3
mailhandlereq6.120.10
mailhandlereq5.120.12
mailhandlereq6.120.12

Name	Operator	Version
mailhandler	eq	5.120.11
mailhandler	eq	5.120.10
mailhandler	eq	6.120.11
mailhandler	eq	<= 5.x-1.3
mailhandler	eq	5.0.0-x1-xdev
mailhandler	eq	6.0.0-x1-xdev
mailhandler	eq	<= 6.x-1.3
mailhandler	eq	6.120.10
mailhandler	eq	5.120.12
mailhandler	eq	6.120.12