cpe:/a:drupal:tasklist:5.x-1.x cpe:/a:drupal:tasklist:5.x-2.x CVE-2009-1034 2009-03-20T14:30:00.313-04:00 2017-08-16T21:30:10.007-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-03-20T15:39:00.000-04:00 BID 34171 SECUNIA 34376 OSVDB 52781 CONFIRM http://drupal.org/node/406316 XF tasklist-unspecifed-sql-injection(49320) SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.