Top

Tag Archives | POST

Drupal – Remote Code Execution (SA-CORE-2018-004 / CVE-2018-7602) nicknamed Drupalgeddon 3

This vulnerability discovered Drupal security team one weeks ago, a highly critical (20/25 NIST rank), (SA-CORE-2018-004 / CVE-2018-7602) nicknamed Drupalgeddon 3. This vulnerability continues Drupalgeddon 2 and allow an unauthenticated attacker to perform remote code execution. An exploitation method was published a few days ago for this vulnerability which allows attacker in the server execute […]

Continue Reading

Drupal – Remote Code Execution (SA-CORE-2018-002 / CVE-2018-7600) nicknamed Drupalgeddon 2

This vulnerability discovered Drupal security team two weeks ago, a highly critical (25/25 NIST rank), (SA-CORE-2018-002 / CVE-2018-7600) nicknamed Drupalgeddon 2. This vulnerability allowed an unauthenticated attacker to perform remote code execution. An exploitation method was published a few days ago for this vulnerability which allows attacker in the server execute any code with user […]

Continue Reading

sql_dump.php – Bot network

Today we looked server’s logs and we found very active Bot network that trying use old malware and upload more PHP code files to servers. Malware files If we look access logs, we found many files which tried access, but they not are normal WordPress, Joomla etc. files. /Abbrevsprl.php /administrator/administrator.php /administrator/dbconfig.php /administrator/includes/readmy.php /administrator/webconfig.txt.php /al277.php /authenticating.php […]

Continue Reading