Advisory 01/2014: Drupal7 – pre Auth SQL Injection Vulnerability

October 15, 2014 007admin Leave a comment

Posted by Stefan Horst on Oct 16

SektionEins GmbH
www.sektioneins.de

-= Security Advisory =-

Advisory: Drupal – pre-auth SQL Injection Vulnerability
Release Date: 2014/10/15
Last Modified: 2014/10/15
Author: Stefan Horst [stefan.horst[at]sektioneins.de]
Application: Drupal >= 7.0 <= 7.31
Severity: Full SQL injection, which results in total control and code execution of Website.
Risk: Highly Critical…

007 Software

Advisory 01/2014: Drupal7 – pre Auth SQL Injection Vulnerability

Leave a Reply Cancel reply

Software and Security Information