SQL Injection Vulnerability in Bibliography Module for Drupal
CVE-2006-4108

Currently unrated

Key Information:

Vendor: Drupal
Status: Bibliography Module
Vendor: CVE Published:; 14 August 2006

What is CVE-2006-4108?

The Bibliography module for Drupal is susceptible to SQL injection, allowing attackers to remotely execute arbitrary SQL commands. This vulnerability affects versions 4.6 prior to revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5. Attackers can exploit this vulnerability through various unspecified vectors, potentially compromising the integrity and confidentiality of the database.

References

http://secunia.com/advisories/21435

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/3227

vdb-entryx_refsource_VUPEN

http://drupal.org/node/77756

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2006
Vulnerability Reserved
Aug 14, 2006