Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2007-01-26	CVE-2007-0507	SQL Injection vulnerability in Drupal Acidfree 4.61.0/4.71.0 SQL injection vulnerability in the Acidfree module for Drupal before 4.6.x-1.0, and before 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles. network drupal	6.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.