SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 for Drupal allows remote authenticated users, with News Page nodes create and edit privileges, to execute arbitrary SQL commands via the Include Words (aka keywords) field.
Max CVSS
6.5
EPSS Score
0.19%
Published
2009-05-01
Updated
2017-08-17
1 vulnerabilities found