Advisory 01/2014: Drupal - pre Auth SQL Injection Vulnerability
mercredi 15 octobre 2014 à 18:37CAFAI, le 15/10/2014 à 18:37
Advisory: Drupal - pre-auth SQL Injection Vulnerability
Release Date: 2014/10/15
Last Modified: 2014/10/15
Author: Stefan Horst [stefan.horst[at]sektioneins.de]
Application: Drupal >= 7.0 <= 7.31
Severity: Full SQL injection, which results in total control and code execution of Website.
Risk: Highly Critical
Vendor Status: Drupal 7.32 fixed this bug
(Permalink)
Advisory: Drupal - pre-auth SQL Injection Vulnerability
Release Date: 2014/10/15
Last Modified: 2014/10/15
Author: Stefan Horst [stefan.horst[at]sektioneins.de]
Application: Drupal >= 7.0 <= 7.31
Severity: Full SQL injection, which results in total control and code execution of Website.
Risk: Highly Critical
Vendor Status: Drupal 7.32 fixed this bug
(Permalink)