CVE-2008-3223

Publication date

2008-07-18 16:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for numeric fields."