Drupal SQL injection Flaw

Friday 31st October 2014 at 4:10pm by Daniel Oxenbury

Drupal, an open source content management platform powering millions of websites and applications and has recently been patched due to a massive SQL injection flaw that could potentially allow a malicious user to load arbitrary code onto implementations running version 7.

For a detailed description of the security issue visit:
SA-CORE-2014-005 - Drupal core - SQL injection - https://www.drupal.org/SA-CORE-2014-005

Since the discovery and disclosure of the security flaw, Drupal's security team have promptly fixed the vulnerability and rolled out an update that allow website/web-server administrators to patch their systems.

But now Drupal's security team have released a public service announcement, stating “You should proceed under the assumption that every Drupal 7 website was compromised” with a security risk level of 25/25 this is bad news for most Drupal developers.

For a detailed description of the PSA visit:
PSA-2014-003 - Public Service announcement - https://www.drupal.org/PSA-2014-003

At Two Superior we take security seriously and keep a close eye on what happens around us. Most of our sites are built from scratch unless requested, instead of using content management platforms such as Drupal or WordPress. Only a select few of our current clients are currently using Drupal, but if you are a Two Superior customer and have any questions or concerns feel free to get in contact with us!


Comments


More News

Monday 29th June 2015 - We are pleased to announce the new Harbron Recruit website is now live! Harbron Recruit got in touch with us recently, as they wanted their Wordpress site moving to a bespoke platform and also wanted to extend their site with custom functionality.

Tuesday 28th April 2015 - Just as your screens and internet connections leap into the future, so should your website!

Thursday 23rd April 2015 - Google has now released it’s new mobile search algorithm and has released a handy tool to help you check your website.

Wednesday 15th April 2015 - Sometimes you find that your web browser just doesn’t have that certain feature that you want. Extensions and plugins have come to the rescue, but are the extensions or plugins you have installing from a trusted source?

Friday 10th April 2015 - Quite often when we need to write a large amount of code to complete a particular task we’ll first look to see if someone has already written an open source library which we can use instead of spending hours or days writing something that will do that same thing.


Read More »


1000 Club Membership
Plymouth Chamber of Commerce Member
UKWDA Member
BCS Member

Contact

Two Superior Studios Limited
Plymouth Science Park,
1 Davy Road,
Plymouth,
Devon,
PL6 8BX

Phone: 01752 39 59 39
Email:

Tweets

twosuperior We love how easy @deployhq makes pushing out new websites. The SSH commands make composer hooks a breeze!
1 year ago · reply · retweet · favourite

twosuperior "Stop forcing your arbitrary password rules on me." - https://t.co/uAQJNj0kdc
2 years ago · reply · retweet · favourite

Social Links

Support

Contact your Account Manager or create a Support Ticket for a speedy response to all your questions and issues.

You can check the status of our services on our Service Status page.

Looking for local companies you can trust that offer outstanding service? Check out our Recommended Companies page.

Enquire Now

FREE Website Advice - Call on 01752 39 59 39 or email