CVE-2010-3423
The CVE-2010-3423 entry describes a SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x prior to 6.x-1.6. Affected component: Drupal module Yr Weatherdata (Drupal 6.x). Root cause: SQL injection via the module’s sorting method, enabling remote attackers to execute arbitrary SQ...