CVE-2008-6383 Information

Description

SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18 a module for Drupal allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.

Reference

http://drupal.org/node/342246 http://secunia.com/advisories/32978 http://www.securityfocus.com/bid/32626 https://exchange.xforce.ibmcloud.com/vulnerabilities/47077