Unrated severityNVD Advisory· Published Dec 11, 2009· Updated Jun 16, 2026
CVE-2009-4296
CVE-2009-4296
Description
SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:brian_miller:taxonomy_timer:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:brian_miller:taxonomy_timer:*:*:*:*:*:*:*:*range: <=5.x-1.8
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-0.1:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.0beta1:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.4:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.6:*:*:*:*:*:*:*
- cpe:2.3:a:brian_miller:taxonomy_timer:5.x-1.7:*:*:*:*:*:*:*
- (no CPE)range: <=5.x-1.8, <=6.x-alpha1
Patches
Vulnerability mechanics
References
6- drupal.org/node/641050nvdPatch
- drupal.org/node/641064nvdPatch
- drupal.org/node/649396nvdPatchVendor Advisory
- www.securityfocus.com/bid/37189nvdPatch
- www.vupen.com/english/advisories/2009/3388nvdPatchVendor Advisory
- secunia.com/advisories/37573nvdVendor Advisory
News mentions
0No linked articles in our index yet.