Vulnerabilities
Vulnerable Software
The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling form, which is later executed by cron.
CVSS Score
6.0
EPSS Score
0.005
Published
2012-12-03


Contact Us

Shodan ® - All rights reserved