Questions tagged [drupal]

Security questions related to Drupal.

Security questions related to Drupal. Drupal is a free and open-source content management framework written in PHP. For general questions related to Drupal only please visit http://drupal.stackexchange.com/.

19 questions

votes

0 answers

drupal external authentication - how to handle password?

I need to implement an architecture someone else designed. They have a drupal as user interacting component, and an external authentication module. To authenticate, from drupal, username and password should be passed to the external authentication…

passwords authentication drupal

asked Sep 12 '14 at 20:14

transient_loop

votes

2 answers

website hacked - phishing form

My Drupal 7.28 site has been hacked through the the tmp dir which was not protected by .htaccess file. The hacker managed to delete the main .htaccess file and upload some bogus google docs 2014 directory with php files to the site. After some work…

phishing drupal

asked Jul 03 '14 at 03:44

mark.sasson7

votes

1 answer

PHP code in image file

My drupal website was getting hacked recently. While cleaning up the malicious scripts, I found that the hacker uploaded an image file (sites/default/files/test.jpg) contains below…

php obfuscation drupal

asked Jun 09 '21 at 07:11

cww

votes

0 answers

Drupal 8 - Create REST API vulnerable to SQL Injection for CTF purposes

Recently I started creating a CTF challenge based on Drupal 8. I want to create a REST API parameter that will be vulnerable to SQLi. Even if this isn't something I should ask for here, I decided to do it in case anyone who knows Drupal is willing…

sql-injection configuration drupal

asked May 06 '20 at 14:51

Com

Prev 1