cpe:/a:drupal:aggregation_module:3.0 cpe:/a:drupal:aggregation_module:3.1 cpe:/a:drupal:aggregation_module:3.2 cpe:/a:drupal:aggregation_module:4.0 cpe:/a:drupal:aggregation_module:4.1 cpe:/a:drupal:aggregation_module:4.2 cpe:/a:drupal:aggregation_module:4.3 cpe:/a:drupal:drupal:5.0 cpe:/a:drupal:drupal:5.1 cpe:/a:drupal:drupal:5.1_rev1.1 cpe:/a:drupal:drupal:5.2 cpe:/a:drupal:drupal:5.3 cpe:/a:drupal:drupal:5.4 cpe:/a:drupal:drupal:5.5. cpe:/a:drupal:drupal:5.7 CVE-2008-2999 2008-07-03T14:41:00.000-04:00 2017-08-07T21:31:30.497-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-07-04T16:40:00.000-04:00 BID 29677 SECUNIA 30618 XF aggregation-unspecified-sql-injection(43010) CONFIRM http://drupal.org/node/269479 Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.