3 writeups tagged with Drupal
Drupal 9 on Debian. Exploited an authenticated RCE vulnerability with compromised admin credentials found via enumeration.
Drupal 8 on CentOS. Exploited Drupalgeddon2 (CVE-2018-7600) for unauthenticated RCE and escalated privileges via SUID binary.
Drupal 7 authenticated RCE via Services module REST endpoint. MS15-051 kernel exploit escalates to SYSTEM.
