exploitDog

CVE-2008-3092

Опубликовано: 09 июл. 2008

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors.

Ссылки

http://drupal.org/node/277877
Patch
http://secunia.com/advisories/30933
Patch
Vendor Advisory
http://www.securityfocus.com/bid/30067
https://exchange.xforce.ibmcloud.com/vulnerabilities/43571
http://drupal.org/node/277877
Patch
http://secunia.com/advisories/30933
Patch
Vendor Advisory
http://www.securityfocus.com/bid/30067
https://exchange.xforce.ibmcloud.com/vulnerabilities/43571

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:drupal:taxonomy_autotagger_module:5:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00255

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-27gp-rrp2-6hg8

github

больше 3 лет назад

SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors.

EPSS

Процентиль: 49%

0.00255

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89