CVE-2008-6020

Currently unrated

Key Information:

Vendor: Drupal
Status: Views
Vendor: CVE Published:; 2 February 2009

Summary

SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields."

References

http://drupal.org/node/348321

x_refsource_CONFIRM

http://www.securityfocus.com/bid/32895

vdb-entryx_refsource_BID

http://secunia.com/advisories/33225

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 2, 2009
Vulnerability Reserved
Feb 2, 2009