Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability

Bugtraq ID: 26735
Class: Input Validation Error
CVE: CVE-2007-6299
Remote: Yes
Local: No
Published: Dec 05 2007 12:00AM
Updated: Apr 16 2015 06:12PM
Credit: Nadid Skywalker and Ivan Sergio Borgonovo discovered this vulnerability.
Vulnerable: Red Hat Fedora 7
Drupal Drupal 4.7.8
Drupal Drupal 4.7.7
Drupal Drupal 4.7.6
Drupal Drupal 4.7.5
Drupal Drupal 4.7.4
Drupal Drupal 4.7.3
Drupal Drupal 4.7.2
Drupal Drupal 4.7.1
Drupal Drupal 4.7
Drupal Drupal 4.6.11
Drupal Drupal 4.6.10
Drupal Drupal 4.6.9
Drupal Drupal 4.6.8
Drupal Drupal 4.6.7
Drupal Drupal 4.6.6
Drupal Drupal 4.6.5
Drupal Drupal 4.6.4
Drupal Drupal 4.6.3
Drupal Drupal 4.6.2
Drupal Drupal 4.6.1
Drupal Drupal 4.6
Drupal Drupal 4.5.8
Drupal Drupal 4.5.7
Drupal Drupal 4.5.6
Drupal Drupal 4.5.5
Drupal Drupal 4.5.4
Drupal Drupal 4.5.3
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Debian Linux 3.1
Drupal Drupal 4.5.2
Drupal Drupal 4.5.1
Drupal Drupal 4.5
Drupal Drupal 4.4.3
Drupal Drupal 4.4.2
Drupal Drupal 4.4.1
Drupal Drupal 4.4
Drupal Drupal 4.2 .0 RC
Drupal Drupal 4.1 .0
Drupal Drupal 4.0 .0
Drupal Drupal 5.3
Drupal Drupal 5.2
Drupal Drupal 5.1 revision 1.1
Drupal Drupal 5.1
Drupal Drupal 5.0
Drupal Drupal 4.7 revision 1.2
Drupal Drupal 4.7 revision 1.15
Drupal Drupal 4.7
Drupal Drupal 4.6
Not Vulnerable: Drupal Drupal 4.7.9
Drupal Drupal 5.4


 

Privacy Statement
Copyright 2010, SecurityFocus