Page 6 of 26 results (0.005 seconds)

CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0

SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc. • http://drupal.org/node/65357 http://secunia.com/advisories/20140 http://secunia.com/advisories/21244 http://www.debian.org/security/2006/dsa-1125 http://www.securityfocus.com/archive/1/435790/100/0/threaded http://www.securityfocus.com/bid/18245 http://www.vupen.com/english/advisories/2006/1975 https://exchange.xforce.ibmcloud.com/vulnerabilities/26654 •