1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
PublicDate: 2006-06-01
Candidate: CVE-2006-2742
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2742
Description:
SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows
remote attackers to execute arbitrary SQL commands via the (1) count and
(2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and
(c) database.mysqli.inc.
Ubuntu-Description:
Notes:
Bugs:
dapper_drupal: ignored (reached end-of-life)
edgy_drupal: released (4.5.8-2)
feisty_drupal: needed (reached end-of-life)
gutsy_drupal: DNE
hardy_drupal: DNE
intrepid_drupal: DNE
jaunty_drupal: DNE
karmic_drupal: DNE
devel_drupal: DNE
upstream_drupal:
|