Skip to content

g0rx/Drupal-SA-CORE-2019-003

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
README.md
README.md
 
 
cve-2019-6340.py
cve-2019-6340.py
 
 
exploit.txt
exploit.txt
 
 
payloads.txt
payloads.txt
 
 

Repository files navigation

Drupal-SA-CORE-2019-003 CVE-2019-6340

Drupal SA-CORE-2019-003 CVE-2019-6340

CVE-2019-6340.md https://mp.weixin.qq.com/s/EQD4-K6HgBY9wdzeXeyzkg

https://paper.seebug.org/821/

https://www.youtube.com/watch?v=QtLDDN0Duko

linkname

https://pbs.twimg.com/media/D0C-KiXX4AM2vR3.jpg:large

marty-mcfly

CVE-2019-6340 isn’t a default configuration, you have to manually enable Restful web services:

marty-mcfly

Command $ curl -k -v -H 'Content-Type: application/json' -d @./drupalrce.json 'https://<http://your.web.site >/node/<node_id>?_format=hal_json'

file drupalrce.json

marty-mcfly

About

CVE-2019-6340-Drupal SA-CORE-2019-003

Resources

Readme
Activity

Stars

32 stars

Watchers

5 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages