Sql injection

2009-03-2018:30:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.0%

JSON

SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.

CPENameOperatorVersion
tasklisteq<= 5.x-2.x
tasklisteq<= 5.x-1.x

CPE	Name	Operator	Version
	tasklist	eq	<= 5.x-2.x
	tasklist	eq	<= 5.x-1.x

References

secunia.com/advisories/34376

www.osvdb.org/52781

www.securityfocus.com/bid/34171

drupal.org/node/406316

exchange.xforce.ibmcloud.com/vulnerabilities/49320