Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2015-6659
StatusCandidate
DescriptionSQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment.
Severity
High
CVSS score7,5
CVSS vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
PhaseAssigned (24.08.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6659
ReferencesSECTRACK : 1033358
 BID : 76432
 CONFIRM : https://www.drupal.org/SA-CORE-2015-003
SecurityVulns:Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod