Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Date模块事件转换表单SQL注入漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal中的Date模块6.x-2.8之前的6.x-2.x版本中的事件转换表单中存在SQL注入漏洞。远程认证用户可利用该漏洞通过未明向量以‘管理数据工具’权限执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A