SQL Injection Vulnerability in Drupal Easylinks Module
CVE-2006-4356

Currently unrated

Key Information:

Vendor: Drupal
Status: Drupal Easylinks Module
Vendor: CVE Published:; 27 August 2006

Summary

The Easylinks Module for Drupal versions prior to 1.5.2.1 is susceptible to SQL injection attacks. This vulnerability allows remote attackers to execute arbitrary SQL commands via unspecified vectors, potentially compromising the integrity and confidentiality of the database. Properly securing this module is essential to protect against exploitation.

References

http://secunia.com/advisories/21603

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/19673

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2006/3365

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Aug 27, 2006
Vulnerability Reserved
Aug 25, 2006