Mandriva Linux Security Advisory 2015-181 - Updated drupal packages fix multiple security vulnerabilities.
0240fabab23e9a0a598709267a074bb3
This Metasploit module exploits the Drupal HTTP Parameter Key/Value SQL Injection (aka Drupageddon) in order to achieve a remote shell on the vulnerable instance. This Metasploit module was tested against Drupal 7.0 and 7.31 (was fixed in 7.32).
a8306d84d19d3095b312666b206546a1
Drupal Core versions 7.32 and below remote SQL injection exploit. Written in PHP.
4374a49993ddf148ef027f0be432f32c
Drupal Core versions 7.32 and below remote SQL injection exploit. Written in Python.
1e5dc71fd7b0abe1041c10cd3b5d6936
Debian Linux Security Advisory 3051-1 - Stefan Horst discovered a vulnerability in the Drupal database abstraction API, which may result in SQL injection.
699b6ce677aa0c81fbfe82879530da48
Drupal versions 7.0 through 7.31 suffer from a remote SQL injection vulnerability.
8244a1135ddb4e99909b9a3e3d2bce43
Drupal versions 7.0 through 7.31 suffer from a pre-authentication remote SQL injection vulnerability.
dc7a6339ae60c1eec1fa92e072331db4