Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Drupal 7 Content Management System provided by JumpBox

JumpBox Inc. | jb v1.8.2 app v7.22

Linux/Unix, Ubuntu 10.0.4 - 32-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

1 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    1

    Ger O'Brien "Ger O'Brien"

Highly critical security flaw in Drupal 7 pre version 7.32

  • November 27, 2014
  • Review verified by AWS Marketplace

"A malicious user can inject arbitrary SQL queries and thereby control the complete Drupal site." Security advisory note from SektionEins

This issue was given prominent coverage in the media, so it's really surprising that this AMI has not been updated. Even the BBC covered the story:
Millions of websites hit by Drupal hack attack
http://www.bbc.com/news/technology-29846539

The issue has been resolved in Drupal 7.32.

See the full advisory note:
https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html

showing 1 - 1