Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1034

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-1034
Last Modified 01 Apr 2009 01:43:17
Published 20 Mar 2009 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1034

Summary

SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.

Vulnerable Systems

Application

  • Drupal Tasklist 5.x-1.x

  • Drupal Tasklist 5.x-2.x


References

CONFIRM - http://drupal.org/node/406316

XF - tasklist-unspecifed-sql-injection(49320)

BID - 34171

OSVDB - 52781

SECUNIA - 34376


Last Updated: 27 May 2016 10:50:26