Skip to main content

Patch/Update Drupal or Be Hacked by Highly Critical SQL Injection in Database Abstraction API

By

Drupal SQL Injection - Drupal Warns of Getting Hacked Unless Patched

Millions of Drupal 7 websites might have hit by hack attack


Drupal issued an advisory on Oct 15, 2014 about vulnerability of SQL Injection in its Drupal core 7.x versions prior to 7.32.

Drupal issued its SA-CORE-2014-005 advisory, warning of a highly critical SQL injection vulnerability that is also identified as CVE-2014-3704.

The only solution is to install the latest version i.e. Drupal core 7.32.

With the issue of advisory on 15 Oct by Drupal, multiple exploits have been reported. For this they issued follow-up announcement DRUPAL-PSA-2014-003

Drupal issued very strong words in the advisory PSA-2014-003. This shows how serious the vulnerability is. Here is what they penned down:
"You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement."
There are chances that you may not be able to update to the latest Drupal version. For those users Drupal has issued a patch for Drupal's database.inc file to fix the vulnerability. Drupal also provided a help document to recover your hacked website. Take a look at their help documentation, "Your Drupal site got hacked, now what"
Labels:

Comments

Post a Comment

Popular posts from this blog

Facebook's Pop-Out Floating Video in News Feed for Desktop Users

By
Looks like Facebook is again testing the feature for Pop-Out video that floats in the news feed while scrolling news feed up and down. Facebook first tested the same feature in 2015 but was not made available for all desktop users. As of know it still seems to be in testing phase as I am not able to see this feature in the same MacBook for different browsers. Like I am able to watch the pop-out and scrolling video in Firefox browser but the same is not working in Chrome browser. The floating video option is made available through 2 options. One is a Video Pop-Out button in the current played video. You have to click on that blue pop-out button to get video moved to left hand side of the news feed. The pop-out video button is in white color when video is not playing. As the video starts playing it color changes to blue. Video Pop-Out Button in Blue Color The second option is scroll down so the current playing video is not visible in your screen, the video will Pop-Out automati...
Post a Comment
Read more

Airtel V-Fiber Broadband Plans Now Offers 100 Mbps Speed Over Huawei HG630a

By
Today I got upgraded to the Airtel’s new broadband connection - ‘V-Fiber’ broadband based on Vectorization. The V-Fiber broadband offers speed upto 100 Mbps. As an existing Airtel broadband users I didn’t have to pay any extra. But there is a catch here. I have to purchase the new Huawei HG630a modem for Rs. 1000. There is an option of paying Rs. 1000 in a single go or Rs. 200 for 5 months. I was given the plan not listed on the Airtel website for Delhi-NCR. My plan is Rapid New 1199 60GB with 40 Mbps speed and unlimited local and STD calls. Following is the plan listed on Airtel for Delhi-NCR region. The firsttwo  plans are the normal old plans. Third one is the plan I got as an offer and is not listed on the Airtel website for broadband. Rest are the plans that are now listed as the high speed plans under V-fiber broadband. Along with the 60 GB FUP I also got 100GB of extra data for free for the first 3 months. Airtel V-Fiber Plans for Delhi-NCR ...
2 comments
Read more

Android Top Paid App 'Virus Shield' Pulled Out from Google Play Store

By
Virus Shield-Top Paid App In Play Store, is a Scam Virus Shield Removed from Google Play Store for Scamming Android users Google has removed Virus Shield, an anti malware Android app from the Google Play Store for scamming Android users.. According to Android Police , the Virus Shield is not protecting any of the 10000+ Android users who had downloaded it and were ripped of $3.99 they paid for using it. The number of users is huge as the app was launched just two weeks ago on March 28, 2014. The price and the claims made by "Virus Shield" are the two factors that boost download. At just $3.99, "Virus Shield" claimed that it can protect Android Smartphone users from viruses, malware and spyware, and can even improve the speed of phones. But the great work done by Android Police, made this as the number 1 Scam app for which users are paying and getting nothing in return. Android Police analyzed the code of the "Virus Shield" and confirmed that...
Post a Comment
Read more