NuytsTech Security

CVE-2006-2742

by ·

SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.

Date published : 2006-06-01

http://www.securityfocus.com/bid/18245

http://www.securityfocus.com/archive/1/435790/100/0/threaded

Tags: