cpe:/a:drupal:storm:5.x-1.1 cpe:/a:drupal:storm:5.x-1.2 cpe:/a:drupal:storm:5.x-1.3 cpe:/a:drupal:storm:5.x-1.4 cpe:/a:drupal:storm:5.x-1.5 cpe:/a:drupal:storm:5.x-1.6 cpe:/a:drupal:storm:5.x-1.7 cpe:/a:drupal:storm:5.x-1.8 cpe:/a:drupal:storm:5.x-1.9 cpe:/a:drupal:storm:5.x-1.10 cpe:/a:drupal:storm:5.x-1.11 cpe:/a:drupal:storm:5.x-1.12 cpe:/a:drupal:storm:5.x-1.13 cpe:/a:drupal:storm:5.x-1.x-dev cpe:/a:drupal:storm:6.x-1.0 cpe:/a:drupal:storm:6.x-1.1 cpe:/a:drupal:storm:6.x-1.2 cpe:/a:drupal:storm:6.x-1.3 cpe:/a:drupal:storm:6.x-1.4 cpe:/a:drupal:storm:6.x-1.5 cpe:/a:drupal:storm:6.x-1.6 cpe:/a:drupal:storm:6.x-1.7 cpe:/a:drupal:storm:6.x-1.8 cpe:/a:drupal:storm:6.x-1.9 cpe:/a:drupal:storm:6.x-1.10 cpe:/a:drupal:storm:6.x-1.11 cpe:/a:drupal:storm:6.x-1.12 cpe:/a:drupal:storm:6.x-1.13 cpe:/a:drupal:storm:6.x-1.14 cpe:/a:drupal:storm:6.x-1.15 cpe:/a:drupal:storm:6.x-1.16 cpe:/a:drupal:storm:6.x-1.17 cpe:/a:drupal:storm:6.x-1.x-dev CVE-2008-6383 2009-03-02T14:30:00.563-05:00 2017-08-16T21:29:15.363-04:00 6.0 NETWORK MEDIUM SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-03-03T10:29:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32626 SECUNIA 32978 CONFIRM http://drupal.org/node/342246 XF storm-unspecified-sql-injection(47077) SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.