EUVD-2006-5593

Malware in sbrugna...

CVE-2006-5608

SQL injection vulnerability in Extended Tracker xtracker 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs."...

CVE-2006-5608

CVE-2006-5608: SQL injection in Extended Tracker (xtracker) 4.7 for Drupal, before 1.5.2.1, allows remote attackers to execute arbitrary SQL commands via parameters from URLs. Affected component: xtracker for Drupal; root cause: improper handling of URL parameters leading to SQL injection. Exploi...

CVE-2006-5608

SQL injection vulnerability in Extended Tracker xtracker 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs."...

Extended Tracker - SQL Injection

The contributed module Extended Tracker xtracker accepts parameters from URLs and uses those unescaped in SQL queries, allowing malicious users to execute SQL injection attacks. This may result in them gaining administrator privileges. Versions affected Please check the CVS $Id$ fields in the fil...