CVE-2010-3423

CVE-2010-3423

EPSS 1.1%

SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://drupal.org/node/606290 http://drupal.org/node/905686 http://secunia.com/advisories/41385 https://exchange.xforce.ibmcloud.com/vulnerabilities/61673 http://www.osvdb.org/67918