DRUPAL-SA-2006-005 - Drupal core - SQL injection vulnerability
A security vulnerability in the database layer allowed certain queries to be submitted to the database without going through Drupal's query sanitizer. This problem represents a critical security vulnerability and should be patched or upgraded immediately. Versions affected - Drupal 4.6.6 and...