Drupal Spider Contacts Module Multiple SQL Injection and Cross Site Request Forgery Vulnerabilities

Attackers can use a browser to exploit the SQL-injection issues. To exploit the cross-site request-forgery issues, attackers must entice an unsuspecting victim to follow a malicious URI.


 

Privacy Statement
Copyright 2010, SecurityFocus