1 results (0.001 seconds)
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2008-4633
https://notcve.org/view.php?id=CVE-2008-4633
21 Oct 2008 — SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote." Vulnerabilidad de inyección SQL en Node Vote v5.x anteriores a v5.x-1.1 y v6.x anteriores a v6.x-1.0, en un módulo de Drupal, cuando está habilitada la opción "Allow user to vote again", permite a usuarios autenticados remotos ejecuta... • http://drupal.org/node/321685 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •