Drupal · Yr Weatherdata Module · CVE-2010-3423
**Name of the Vulnerable Software and Affected Versions**
Yr Weatherdata module for Drupal versions prior to 6.x-1.6
**Description**
The issue allows remote attackers to execute arbitrary SQL commands via the sorting method, potentially leading to unauthorized data access or modification.
**Recommendations**
For versions prior to 6.x-1.6, update to version 6.x-1.6 or later to resolve the issue.