SQL Injection Vulnerability in TrailScout Module for Drupal
CVE-2008-2850

Currently unrated

Key Information:

Vendor: Drupal
Status: Trailscout Module
Vendor: CVE Published:; 25 June 2008

What is CVE-2008-2850?

The TrailScout module for Drupal prior to version 5.x-1.4 is susceptible to a SQL injection vulnerability. This flaw enables remote attackers to manipulate SQL queries by exploiting unspecified cookies, leading to the execution of arbitrary SQL commands. The issue is associated with improper utilization of the Drupal database API, which can result in unauthorized access and potential data breaches.

References

http://www.securityfocus.com/bid/29807

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/43169

vdb-entryx_refsource_XF

http://drupal.org/node/272191

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2008
Vulnerability Reserved
Jun 24, 2008