Karen Stevenson : Security Vulnerabilities, CVEs, (Sql injection)
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
6.0
EPSS Score
0.26%
Published
2012-09-20
Updated
2017-08-29
1 vulnerabilities found