Total Size: 954 B
Created: 11 months ago
Edited: 11 months ago
This is a sample of exploit for Drupal 7 new vulnerability SA-CORE-2018-004 / CVE-2018-7602.
You must be authenticated and with the power of deleting a node. Some other forms may be vulnerable : at least, all of forms that is in 2-step (form then confirm).
Retrieve the form_build_id from the response, and then triggering the exploit with the code on the left.
This will display the result of the whoami command.
Patch your systems!Blaklis
Are you sure you want to delete?