Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-3704 PoC — Drupal core SQL注入漏洞

Source
https://github.com/happynote3966/CVE-2014-3704
Associated Vulnerability
Title:Drupal core SQL注入漏洞 (CVE-2014-3704)
Description:Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal core 7.3之前7.x版本中的database abstraction API中‘expandArguments’函数存在安全漏洞,该漏洞源于程序没有正确构造预处理语句。远程攻击者可借助带有特制键的数组利用该漏洞实施SQL注入攻击。
File Snapshot

 [4.0K]  /data/pocs/c44cf4ed194b2b70b66cec686d360129edfd2990
├── [ 12K]  34992.py
├── [3.5M]  drupal-7.31.zip
├── [1.2K]  install2.sh
└── [ 714]  install.sh

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.