This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Drupal Security Team reports :
Drupal 7 includes a database abstraction API to ensure that queries
executed against the database are sanitized to prevent SQL injection
attacks. A vulnerability in this API allows an attacker to send
specially crafted requests resulting in arbitrary SQL execution.
Depending on the content of the requests this can lead to privilege
escalation, arbitrary PHP execution, or other attacks. This
vulnerability can be exploited by anonymous users.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5
Public Exploit Available : true