Drupal Database Spam – SQL Injections Target Drupal 7 Sites

By Daniel Cid It has been over 19 months since Drupalgeddon, which refers to Drupal’s Security Advisory (SA) SA-CORE-2014-005. For those unfamiliar with it, it was a highly critical SQL Injection (SQLi) vulnerability that allowed an attacker to arbitrarily execute SQL commands remotely, leading to potential privilege escalation issues and execution of PHP code on the server.

visit Sucuri Blog

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: