5 matches found
EUVD-2007-0505
Malware in sbrugna...
CVE-2007-0507
SQL injection vulnerability in the Acidfree module for Drupal before 4.6.x-1.0, and before 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles...
Sql injection
SQL injection vulnerability in the Acidfree module for Drupal before 4.6.x-1.0, and before 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles...
[SA23895] Drupal Acidfree Module "node titles" SQL Injection Vulnerability
TITLE: Drupal Acidfree Module "node titles" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA23895 VERIFY ADVISORY: http://secunia.com/advisories/23895/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: Drupal Acidfree Module 4.x http://secunia.com/product/13326/...
Acidfree - SQL injection
Under certain circumstances, node titles are not escaped before being used in an SQL query, allowing a malicious user with the 'create acidfree albums' privilege and the ability to create acidfree content, to execute an SQL injection attack. These attacks may lead to administrator access. Version...