CVE-2019-6340 Drupal core - Highly critical - Remote Code Execution

🗓️ 21 Feb 2019 21:00:00Reported by drupalType

Drupal core - Highly critical - Remote Code Execution, Unsanitized data in field type

Reporter	Title	Published	Views	Family All 67
FreeBSD	drupal -- Drupal core - Highly critical - Remote Code Execution	20 Feb 201900:00	–	freebsd
GithubExploit	Exploit for Deserialization of Untrusted Data in Drupal	27 May 202601:16	–	githubexploit
GithubExploit	Exploit for Improper Input Validation in Drupal	31 Aug 202022:55	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Drupal	25 Feb 201907:47	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Drupal	1 May 202115:00	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Drupal	25 Feb 201903:38	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Drupal	27 May 201919:06	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Drupal	22 Feb 201916:03	–	githubexploit
0day.today	Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution Vulnerability	24 Feb 201900:00	–	zdt
0day.today	Drupal < 8.6.9 - REST Module Remote Code Execution Exploit	25 Feb 201900:00	–	zdt

[
  {
    "product": "Drupal Core",
    "vendor": "Drupal",
    "versions": [
      {
        "lessThan": "8.5.11",
        "status": "affected",
        "version": "8.5",
        "versionType": "custom"
      },
      {
        "lessThan": "8.6.10",
        "status": "affected",
        "version": "8.6",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
exploit-db	www.exploit-db.com/exploits/46510/
synology	www.synology.com/security/advisory/Synology_SA_19_09
securityfocus	www.securityfocus.com/bid/107106
exploit-db	www.exploit-db.com/exploits/46459/
drupal	www.drupal.org/sa-core-2019-003
exploit-db	www.exploit-db.com/exploits/46452/

08 Mar 2019 10:57Current

8.3High risk

Vulners AI Score8.3

EPSS0.9441