Lucene search
HistorySep 20, 2012 - 3:46 a.m.
CVE-2012-1626
sql injection
date module
drupal
cve-2012-1626
nvd
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.8%
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the “administer Date Tools” privilege to execute arbitrary SQL commands via unspecified vectors.
Affected configurations
Node
drupaldrupalMatch-
karen_stevensondateMatch6.x-2.0
ORkaren_stevensondateMatch6.x-2.0beta
ORkaren_stevensondateMatch6.x-2.0beta2
ORkaren_stevensondateMatch6.x-2.0beta3
ORkaren_stevensondateMatch6.x-2.0beta4
ORkaren_stevensondateMatch6.x-2.0rc1
ORkaren_stevensondateMatch6.x-2.0rc2
ORkaren_stevensondateMatch6.x-2.0rc3
ORkaren_stevensondateMatch6.x-2.0rc4
ORkaren_stevensondateMatch6.x-2.0rc5
ORkaren_stevensondateMatch6.x-2.0rc6
ORkaren_stevensondateMatch6.x-2.1
ORkaren_stevensondateMatch6.x-2.2
ORkaren_stevensondateMatch6.x-2.3
ORkaren_stevensondateMatch6.x-2.4
ORkaren_stevensondateMatch6.x-2.5
ORkaren_stevensondateMatch6.x-2.6
ORkaren_stevensondateMatch6.x-2.7
ORkaren_stevensondateMatch6.x-2.xdev
Related
prion
prion
Sql injection
2012-09-20 03:46:00
cvelist
cvelist
CVE-2012-1626
2012-09-20 01:00:00
nvd
nvd
CVE-2012-1626
2012-09-20 03:46:36
drupal
drupal
SA-CONTRIB-2012-004 - Date - SQL injection
2012-01-11 00:00:00
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.8%
Related for CVE-2012-1626