CVE-2011-2715

UNRATEDJSON export Create alert

Description

An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.

Affected products

Drupal / Data-module6.x-1.0-alpha14 – 6.x-1.0-alpha14

References

MAILING_LISThttps://www.openwall.com/lists/oss-security/2011/07/26/8
MISChttps://www.drupal.org/node/1056470