SQL injection vulnerability in Drupal 4.6.x prior to 4.6.7 and 4.7.0 allows remote malicious users to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 4.6.5 |
||
drupal drupal 4.6.6 |
||
drupal drupal 4.6.3 |
||
drupal drupal 4.6.4 |
||
drupal drupal 4.6 |
||
drupal drupal 4.6.0 |
||
drupal drupal 4.7.0 |
||
drupal drupal 4.6.1 |
||
drupal drupal 4.6.2 |