CyberSec.Space Logo
Back to CVE Browser

CVE-2009-1034

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0060%
EPSS Percentile27.57th
PublishedMar 20, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.

Affected Platforms (CPE)

πŸ“¦
Drupal

Tasklist

<= 5.x-1.x
πŸ“¦
Drupal

Tasklist

<= 5.x-2.x

References & Advisories

πŸ”— http://drupal.org/node/406316
πŸ”— http://secunia.com/advisories/34376
πŸ”— http://www.osvdb.org/52781
πŸ”— http://www.securityfocus.com/bid/34171
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/49320
πŸ”— http://drupal.org/node/406316
πŸ”— http://secunia.com/advisories/34376
πŸ”— http://www.osvdb.org/52781

Related Vulnerabilities

CVE-2002-19004.3

Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via taskli...

CVE-2009-10354.3

Cross-site scripting (XSS) vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module...

CVE-2005-41913.5

Multiple cross-site scripting (XSS) vulnerabilities in templates/tasklists/tasklists.inc in Horde Nag Task List Manager H3 before ...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...