SQL injection vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
https://exchange.xforce.ibmcloud.com/vulnerabilities/43169
http://www.securityfocus.com/bid/29807