2 matches found
CVE-2015-3345
The CVE-2015-3345 issue affects the Drupal PHPlist Integration Module (6.x-1.x) before 6.x-1.7. The vulnerability is an SQL injection that could allow remote administrators to execute arbitrary SQL commands via the phpList database. Root cause: the module’s integration points expose the Drupal/da...
SA-CONTRIB-2015-003 - PHPlist Integration Module - SQL Injection
The PHPlist Integration module provides an integration between a Drupal website and phpList newsletter manager. The module provides two main features: user sync and sending a node as a newsletter. The module introduces a SQL Injection vulnerability to the phpList database. The Drupal database is...