3 matches found
EUVD-2008-4512
Malware in sbrugna...
Sql injection
SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338...
CVE-2008-4338
The CVE-2008-4338 issue is a SQL injection vulnerability in the Brilliant Gallery Drupal module (versions 5.x and 6.x). It affects the brilliant_gallery_checklist_save function in bgchecklist/save, allowing remote authenticated users with the access brilliant_gallery permission to inject arbitrar...