CVE-2010-3423 Information
Share on:
Feb 14, 2021
cve
Description
SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method.
Reference
http://drupal.org/node/606290 http://drupal.org/node/905686 http://secunia.com/advisories/41385 http://www.osvdb.org/67918 https://exchange.xforce.ibmcloud.com/vulnerabilities/61673