SQL injection vulnerability in the Schema API in Drupal 6.x prior to 6.3 allows remote malicious users to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal |
||
fedoraproject fedora 8 |
||
fedoraproject fedora 9 |