Vulnerability Name: | CVE-2007-6299 (CCN-38884)
Assigned: | 2007-12-05
Published: | 2007-12-05
Updated: | 2017-08-08
Summary: | Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules.
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
5.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Vulnerability Type: | CWE-89, CWE-20
Vulnerability Consequences: | Data Manipulation
References: |
Source: MITRE Type: CNA CVE-2007-6299
Source: CCN Type: DRUPAL-SA-2007-031 SA-2007-031 - Drupal core - SQL Injection possible when certain contributed modules are enabled
Source: CONFIRM Type: UNKNOWN http://drupal.org/node/198162
Source: CCN Type: SA27932 Drupal "taxonomy_select_nodes()" SQL Injection
Source: SECUNIA Type: Vendor Advisory 27932
Source: CCN Type: SA27951 vbDrupal "taxonomy_select_nodes()" SQL Injection
Source: SECUNIA Type: Vendor Advisory 27951
Source: SECUNIA Type: UNKNOWN 27973
Source: CONFIRM Type: Patch http://sourceforge.net/project/shownotes.php?release_id=559532
Source: CONFIRM Type: Patch http://sourceforge.net/project/shownotes.php?release_id=559538
Source: BID Type: UNKNOWN 26735
Source: CCN Type: BID-26735 Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability
Source: XF Type: UNKNOWN drupal-taxonomy-sql-injection(38884)
Source: XF Type: UNKNOWN vbdrupal-taxonomy-sql-injection(38886)
Source: FEDORA Type: UNKNOWN FEDORA-2007-4136
Source: FEDORA Type: UNKNOWN FEDORA-2007-4163
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable
Vulnerability Name: | CVE-2007-6299 (CCN-38886)
Assigned: | 2007-12-05
Published: | 2007-12-05
Updated: | 2007-12-05
Summary: | vbDrupal is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements to the taxonomy_select_nodes() function using an unspecified parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
Note: Successful exploitation requires the installation of a module that passes data to the taxonomy_select_nodes() function.
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
5.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Vulnerability Consequences: | Data Manipulation
References: |
Source: MITRE Type: CNA CVE-2007-6299
Source: CCN Type: DRUPAL-SA-2007-031 SA-2007-031 - Drupal core - SQL Injection possible when certain contributed modules are enabled
Source: CCN Type: SA27932 Drupal "taxonomy_select_nodes()" SQL Injection
Source: CCN Type: SA27951 vbDrupal "taxonomy_select_nodes()" SQL Injection
Source: CCN Type: SourceForge.net: Files Release Name: 5.4.0
Source: CCN Type: SourceForge.net vbDrupal
Source: CCN Type: BID-26735 Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability
Source: XF Type: UNKNOWN vbdrupal-taxonomy-sql-injection(38886)