Vulnerability Description
SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs."
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Drupal | Extended Tracker | 4.7 |
References
- http://drupal.org/node/91358Patch
- http://secunia.com/advisories/22566Vendor Advisory
- http://www.securityfocus.com/bid/20759Exploit
- http://www.vupen.com/english/advisories/2006/4218
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29821
- http://drupal.org/node/91358Patch
- http://secunia.com/advisories/22566Vendor Advisory
- http://www.securityfocus.com/bid/20759Exploit
- http://www.vupen.com/english/advisories/2006/4218
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29821
FAQ
What is CVE-2006-5608?
CVE-2006-5608 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from U...
How severe is CVE-2006-5608?
CVE-2006-5608 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5608?
Check the references section above for vendor advisories and patch information. Affected products include: Drupal Extended Tracker.