CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2009-4296
https://notcve.org/view.php?id=CVE-2009-4296
SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en el módulo Taxonomy Timer v5.x-1.8 y anteriores y v6.x-alpha1 v anteriores para Drupal permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores sin especi • http://drupal.org/node/641050 http://drupal.org/node/641064 http://drupal.org/node/649396 http://secunia.com/advisories/37573 http://www.securityfocus.com/bid/37189 http://www.vupen.com/english/advisories/2009/3388 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •