Vulnerabilities (CVE)

Filtered by vendor Drupal Subscribe
Filtered by product Data
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-2715 1 Drupal 2 Data, Drupal 2024-02-04 7.5 HIGH 9.8 CRITICAL
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.
CVE-2011-2714 1 Drupal 2 Data, Drupal 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.