Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659)

Description

SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment.

Remediation

References

CVE-2015-6659

Related Vulnerabilities

MySQL CVE-2021-2194 Vulnerability (CVE-2021-2194)

PHP Other Vulnerability (CVE-2007-3790)

Apache Tomcat Numeric Errors Vulnerability (CVE-2012-0022)

WordPress Plugin PWA for WP & AMP Security Bypass (1.7.32)

Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)

Severity

High

Classification

CVE-2015-6659 CWE-138

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities