CVE-2014-5249 Information

Description

SQL injection vulnerability in the \Biblio self autocomplete\ submodule in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Reference

http://www.securityfocus.com/bid/69091 https://exchange.xforce.ibmcloud.com/vulnerabilities/95146 https://www.drupal.org/node/2316023 https://www.drupal.org/node/2316025 https://www.drupal.org/node/2316717