MidnightBSD

Advisories for freka

CVE-2010-3423 HIGH

SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
freka yr_verdata 6.x-1.5
freka yr_verdata 6.x-1.4
freka yr_verdata 6.x-1.0
freka yr_verdata 6.x-1.1