Description
SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338.
Affected products
- Drupal / brilliant_gallery5.x-4.1
- Drupal / brilliant_gallery5.x-1.0 – 5.x-1.0
- Drupal / brilliant_gallery5.x-1.1 – 5.x-1.1
- Drupal / brilliant_gallery5.x-1.2 – 5.x-1.2
- Drupal / brilliant_gallery5.x-2.1 – 5.x-2.1
- Drupal / brilliant_gallery5.x-2.2 – 5.x-2.2
- Drupal / brilliant_gallery5.x-2.3 – 5.x-2.3
- Drupal / brilliant_gallery5.x-2.4 – 5.x-2.4
- Drupal / brilliant_gallery5.x-2.5 – 5.x-2.5
- Drupal / brilliant_gallery5.x-2.6 – 5.x-2.6
- Drupal / brilliant_gallery5.x-2.7 – 5.x-2.7
- Drupal / brilliant_gallery5.x-2.8 – 5.x-2.8
- Drupal / brilliant_gallery5.x-2.9 – 5.x-2.9
- Drupal / brilliant_gallery5.x-2.10 – 5.x-2.10
- Drupal / brilliant_gallery5.x-2.11 – 5.x-2.11
- Drupal / brilliant_gallery5.x-2.12 – 5.x-2.12
- Drupal / brilliant_gallery5.x-2.13 – 5.x-2.13
- Drupal / brilliant_gallery5.x-2.14 – 5.x-2.14
- Drupal / brilliant_gallery5.x-2.15 – 5.x-2.15
- Drupal / brilliant_gallery5.x-2.16 – 5.x-2.16
- Drupal / brilliant_gallery5.x-2.17 – 5.x-2.17
- Drupal / brilliant_gallery5.x-3.0 – 5.x-3.0
- Drupal / brilliant_gallery5.x-3.1 – 5.x-3.1
- Drupal / brilliant_gallery5.x-3.2 – 5.x-3.2
- Drupal / brilliant_gallery5.x-3.3 – 5.x-3.3
- Drupal / brilliant_gallery5.x-4.0 – 5.x-4.0