Vitalii Rudnykh - Security Researcher - Exploit Intelligence Platform

CVE-2018-7600 NOMISEC CRITICAL WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

353 stars

CVSS 9.8

View Code

CVE-2018-7600 NOMISEC CRITICAL WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

7 stars

CVSS 9.8

View Code

CVE-2018-7600 NOMISEC CRITICAL WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

5 stars

CVSS 9.8

View Code

CVE-2018-7600 GITLAB CRITICAL WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

CVSS 9.8

View Code

CVE-2018-7600 GITLAB CRITICAL WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

CVSS 9.8

View Code

CVE-2018-7600 NOMISEC CRITICAL WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

CVSS 9.8

View Code

EIP-2026-109547 EXPLOITDB python WORKING POC

Modx Revolution < 2.6.4 - Remote Code Execution

View Code

CVE-2018-7600 EXPLOITDB CRITICAL python WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

CVSS 9.8

View Code

CVE-2018-7600 EXPLOITDB CRITICAL ruby WORKING POC

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

CVSS 9.8

View Code