← volver
CVE-2008-3223

CVE-2008-3223

EPSS 3.2%
SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://drupal.org/node/280571https://bugzilla.redhat.com/show_bug.cgi?id=454849http://secunia.com/advisories/31079https://exchange.xforce.ibmcloud.com/vulnerabilities/43705https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00016.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00527.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00551.htmlhttp://www.openwall.com/lists/oss-security/2008/07/10/3http://www.securityfocus.com/bid/30168