5 matches found
EUVD-2008-4131
Malware in sbrugna...
Mailhandler - Critical - Remote Code Execution - SA-CONTRIB-2017-089
The Mailhandler module enables you to create nodes by email. The Mailhandler module does not validate file attachments. By sending a correctly crafted e-mail to a mailhandler mailbox an attacker can execute arbitrary code. The vulnerability applies to any active mailhandler mailbox, whether or no...
Sql injection
SQL injection vulnerability in the Mailhandler module 5.x before 5.x-1.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to composing queries without using the Drupal database API...
CVE-2008-4148
SQL injection vulnerability in the Mailhandler module 5.x before 5.x-1.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to composing queries without using the Drupal database API...
CVE-2008-4148
The CVE-2008-4148 vulnerability affects the Drupal Mailhandler module (5.x up to 5.x-1.4; 6.x up to 6.x-1.4). Root cause: SQL queries are constructed without using the Drupal database API, enabling remote attackers to execute arbitrary SQL commands via unspecified vectors. Impact and exploit deta...