CVE-2006-4107
Drupal Job Search < 1.3.2.1 - SQL Injection via Job or Resume Search
Title source: llmDescription
SQL injection vulnerability in the Job Search module (job.module) 4.6 before revision 1.3.2.1 in Drupal allows remote attackers to execute arbitrary SQL commands via a job or resume search.
References (5)
Core 5
Core References
Patch, Vendor Advisory x_refsource_confirm
http://drupal.org/node/77537
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/28274
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3187
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21380
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/19420
Scores
EPSS
0.0062
EPSS Percentile
70.2%
Details
Status
published
Products (1)
drupal/job_search
4.6_rev1.3.2
Published
Aug 14, 2006
Tracked Since
Feb 18, 2026