Security Advisory
CVE-2012-2306
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.