CVE-2009-1505
CVE-2009-1505 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 for Drupal allows remote authenticated users, with News Page nodes create and edit privileges, to execute arbitrary SQL commands via the Include Words (aka keywords) field.
Learn more about our User Device Pen Test.