Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for search_autocomplete by dominique_clause

    CVE-2012-4471 (GCVE-0-2012-4471)

    Vulnerability from nvd – Published: 2012-11-30 22:00 – Updated: 2024-08-06 20:35
    VLAI
    Summary
    The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.openwall.com/lists/oss-security/2012/10/04/3 mailing-listx_refsource_MLIST
    http://drupal.org/node/1679422 x_refsource_MISC
    http://drupal.org/node/1649442 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/54379 vdb-entryx_refsource_BID
    Date Public
    2012-06-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:35:10.045Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/10/04/3"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1679422"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1649442"
              },
              {
                "name": "54379",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/54379"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-06-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-01-29T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "[oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/10/04/3"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://drupal.org/node/1679422"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupal.org/node/1649442"
            },
            {
              "name": "54379",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/54379"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-4471",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/10/04/3"
                },
                {
                  "name": "http://drupal.org/node/1679422",
                  "refsource": "MISC",
                  "url": "http://drupal.org/node/1679422"
                },
                {
                  "name": "http://drupal.org/node/1649442",
                  "refsource": "CONFIRM",
                  "url": "http://drupal.org/node/1649442"
                },
                {
                  "name": "54379",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/54379"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-4471",
        "datePublished": "2012-11-30T22:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:35:10.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-1638 (GCVE-0-2012-1638)

    Vulnerability from nvd – Published: 2012-09-19 21:00 – Updated: 2024-09-17 00:26
    VLAI
    Summary
    SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL commands via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/47731 third-party-advisoryx_refsource_SECUNIA
    http://drupal.org/node/1410674 x_refsource_CONFIRM
    http://www.openwall.com/lists/oss-security/2012/04/07/1 mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/51667 vdb-entryx_refsource_BID
    http://drupal.org/node/1416612 x_refsource_CONFIRM
    http://drupalcode.org/project/search_autocomplete… x_refsource_CONFIRM
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:01:02.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "47731",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/47731"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1410674"
              },
              {
                "name": "[oss-security] 20120406 CVE\u0027s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
              },
              {
                "name": "51667",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/51667"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1416612"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the \"use search_autocomplete\" permission to execute arbitrary SQL commands via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-19T21:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "47731",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/47731"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupal.org/node/1410674"
            },
            {
              "name": "[oss-security] 20120406 CVE\u0027s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
            },
            {
              "name": "51667",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/51667"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupal.org/node/1416612"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-1638",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the \"use search_autocomplete\" permission to execute arbitrary SQL commands via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "47731",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/47731"
                },
                {
                  "name": "http://drupal.org/node/1410674",
                  "refsource": "CONFIRM",
                  "url": "http://drupal.org/node/1410674"
                },
                {
                  "name": "[oss-security] 20120406 CVE\u0027s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
                },
                {
                  "name": "51667",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/51667"
                },
                {
                  "name": "http://drupal.org/node/1416612",
                  "refsource": "CONFIRM",
                  "url": "http://drupal.org/node/1416612"
                },
                {
                  "name": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6",
                  "refsource": "CONFIRM",
                  "url": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-1638",
        "datePublished": "2012-09-19T21:00:00.000Z",
        "dateReserved": "2012-03-12T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:26:35.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-4471 (GCVE-0-2012-4471)

    Vulnerability from cvelistv5 – Published: 2012-11-30 22:00 – Updated: 2024-08-06 20:35
    VLAI
    Summary
    The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.openwall.com/lists/oss-security/2012/10/04/3 mailing-listx_refsource_MLIST
    http://drupal.org/node/1679422 x_refsource_MISC
    http://drupal.org/node/1649442 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/54379 vdb-entryx_refsource_BID
    Date Public
    2012-06-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:35:10.045Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/10/04/3"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1679422"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1649442"
              },
              {
                "name": "54379",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/54379"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-06-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-01-29T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "[oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/10/04/3"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://drupal.org/node/1679422"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupal.org/node/1649442"
            },
            {
              "name": "54379",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/54379"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-4471",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the priority order via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20121003 Re: CVE Request for Drupal Contributed Modules",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/10/04/3"
                },
                {
                  "name": "http://drupal.org/node/1679422",
                  "refsource": "MISC",
                  "url": "http://drupal.org/node/1679422"
                },
                {
                  "name": "http://drupal.org/node/1649442",
                  "refsource": "CONFIRM",
                  "url": "http://drupal.org/node/1649442"
                },
                {
                  "name": "54379",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/54379"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-4471",
        "datePublished": "2012-11-30T22:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:35:10.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-1638 (GCVE-0-2012-1638)

    Vulnerability from cvelistv5 – Published: 2012-09-19 21:00 – Updated: 2024-09-17 00:26
    VLAI
    Summary
    SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL commands via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/47731 third-party-advisoryx_refsource_SECUNIA
    http://drupal.org/node/1410674 x_refsource_CONFIRM
    http://www.openwall.com/lists/oss-security/2012/04/07/1 mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/51667 vdb-entryx_refsource_BID
    http://drupal.org/node/1416612 x_refsource_CONFIRM
    http://drupalcode.org/project/search_autocomplete… x_refsource_CONFIRM
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:01:02.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "47731",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/47731"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1410674"
              },
              {
                "name": "[oss-security] 20120406 CVE\u0027s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
              },
              {
                "name": "51667",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/51667"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupal.org/node/1416612"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the \"use search_autocomplete\" permission to execute arbitrary SQL commands via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-19T21:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "47731",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/47731"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupal.org/node/1410674"
            },
            {
              "name": "[oss-security] 20120406 CVE\u0027s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
            },
            {
              "name": "51667",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/51667"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupal.org/node/1416612"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-1638",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the \"use search_autocomplete\" permission to execute arbitrary SQL commands via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "47731",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/47731"
                },
                {
                  "name": "http://drupal.org/node/1410674",
                  "refsource": "CONFIRM",
                  "url": "http://drupal.org/node/1410674"
                },
                {
                  "name": "[oss-security] 20120406 CVE\u0027s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
                },
                {
                  "name": "51667",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/51667"
                },
                {
                  "name": "http://drupal.org/node/1416612",
                  "refsource": "CONFIRM",
                  "url": "http://drupal.org/node/1416612"
                },
                {
                  "name": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6",
                  "refsource": "CONFIRM",
                  "url": "http://drupalcode.org/project/search_autocomplete.git/commit/589e8f6"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-1638",
        "datePublished": "2012-09-19T21:00:00.000Z",
        "dateReserved": "2012-03-12T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:26:35.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }