PT-2012-6020 · Drupal · Drupal
Forest Monsen
·
Published
2012-12-03
·
Updated
2012-12-04
·
CVE-2012-5550
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Drupal versions 6.x through 7.x
Description
A SQL injection issue in the Time Spent module for Drupal allows remote attackers to execute arbitrary SQL commands.
Recommendations
For versions 6.x through 7.x, update the Time Spent module to a version that includes a fix for this issue.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Drupal