Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in the ajax_checklist_save function in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal allow remote authenticated users, with "update ajax checklists" permissions, to execute arbitrary SQL commands via a save operation, related to the (1) nid, (2) qid, and (3) state parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Ajax Checklist Module 多个SQL注入漏洞
Vulnerability Description
Drupal Ajax Checklist模块5.x-1.1之前的5.x版本中的ajax_checklist_save函数存在多个SQL注入漏洞。拥有"更新ajax清单"许可的远程认证用户可以借助一个保存操作,执行任意的SQL指令。该漏洞与(1)nid,(2)qid和(3)state参数有关。
CVSS Information
N/A
Vulnerability Type
N/A