SQL Injection Vulnerabilities in Aggregation Module for Drupal
CVE-2008-2999

Currently unrated

Key Information:

Vendor: Drupal
Status: Drupal; Aggregation Module
Vendor: CVE Published:; 3 July 2008

What is CVE-2008-2999?

The Aggregation module for Drupal versions prior to 5.x-4.4 is susceptible to multiple SQL injection vulnerabilities. These flaws enable remote attackers to manipulate SQL queries, potentially leading to data exposure or unauthorized modification of the database. Exploitation of these vulnerabilities can occur through unspecified vectors, posing significant risks to the integrity and security of affected systems. It is crucial for users of the Aggregation module to update to the latest versions to mitigate these security risks.

References

http://drupal.org/node/269479

x_refsource_CONFIRM

http://www.securityfocus.com/bid/29677

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/43010

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2008
Vulnerability Reserved
Jul 3, 2008