Vulnerability Details
Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability
- CNNVD ID: CNNVD-200712-084
- Severity: High
- CVE ID: CVE-2007-6299
- Vulnerability type: Input validation
- Published: 2007-12-10
- Threat type: Remote
- Updated: 2007-12-10
- Vendor: drupal
- Vulnerability source: Nadid Skywalker an…
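Vulnerability Summary
Drupal and vbDrupal contain multiple SQL injection vulnerabilities. Remote attackers can execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, for example the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser modules.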
Vulnerability Advisory
The vendor has released upgrade patches that fix this security issue. Patch download links:
Drupal Drupal 5.2
Drupal drupal-5.4.tar.gz
http://ftp.drupal.org/files/projects/drupal-5.4.tar.gz
Drupal Drupal 5.3
Drupal drupal-5.4.tar.gz
http://ftp.drupal.org/files/projects/drupal-5.4.tar.gz
Drupal Drupal 4.7 revision 1.2
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 5.1
Drupal drupal-5.4.tar.gz
http://ftp.drupal.org/files/projects/drupal-5.4.tar.gz
Drupal Drupal 5.0
Drupal drupal-5.4.tar.gz
http://ftp.drupal.org/files/projects/drupal-5.4.tar.gz
Drupal Drupal 4.6
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 5.1 revision 1.1
Drupal drupal-5.4.tar.gz
http://ftp.drupal.org/files/projects/drupal-5.4.tar.gz
Drupal Drupal 4.7
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.0.0
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.1.0
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.2.0 RC
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.4
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.4.1
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.4.2
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.4.3
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.1
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.2
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.3
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.4
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.5
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.6
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.7
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.5.8
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.1
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.10
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.11
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.2
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.3
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.4
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.5
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.6
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.7
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.8
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal 4.6.9
Drupal drupal-4.7.9.tar.gz
http://ftp.drupal.org/files/projects/drupal-4.7.9.tar.gz
Drupal Drupal
References
Source: sourceforge.net
Link: http://sourceforge.net/project/shownotes.php?release_id=559538
Source: sourceforge.net
Link: http://sourceforge.net/project/shownotes.php?release_id=559532
Source: BID
Name: 26735
Link: http://www.securityfocus.com/bid/26735
Source: SECUNIA
Name: 27951
Link: http://secunia.com/advisories/27951
Source: SECUNIA
Name: 27932
Link: http://secunia.com/advisories/27932
Source: drupal.org
Link: http://drupal.org/node/198162
Source: FEDORA
Name: FEDORA-2007-4163
Link: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00258.html
Source: FEDORA
Name: FEDORA-2007-4136
Link: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00190.html
Source: XF
Name: vbdrupal-taxonomy-sql-injection(38886)
Link: http://xforce.iss.net/xforce/xfdb/38886
Source: XF
Name: drupal-taxonomy-sql-injection(38884)
Link: http://xforce.iss.net/xforce/xfdb/38884
Source: SECUNIA
Name: 27973