2 matches found
CVE-2006-4108
The CVE-2006-4108 entry describes a SQL injection vulnerability in Drupal’s Bibliography (biblio.module). Affected are Drupal modules versions 4.6 prior to revision 1.1.1.1.4.11 and 4.7 prior to revision 1.13.2.5, where an attacker can remotely execute arbitrary SQL commands via unspecified vecto...
CVE-2006-4109
CVE-2006-4109 affects Drupal’s Bibliography (biblio.module) versions 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5. The vulnerability is a cross-site scripting (XSS) flaw allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. Documents descri...