VDB
GCVE-110-MAGEIA-2014-423
GCVE-110-MAGEIA-2014-423
Advisory Published
An SQL Injection issue exists in Drupal before 7.32 due to the way the Drupal
core handles prepared statements. A malicious user can inject arbitrary SQL
queries, and thereby completely control the Drupal site. This vulnerability
can be exploited by remote attackers without any kind of authentication
required (CVE-2014-3704).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | drupal | 0 (affected), 7.32-1.mga4 (unaffected) | — |
| Mageia | drupal | 0 (affected), 7.32-1.mga3 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,161 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.