Vulnerabilities > Karen Stevenson > Date > 6.x.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-20 | CVE-2012-1626 | SQL Injection vulnerability in Karen Stevenson Date SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors. | 6.0 |