Four significant vulnerabilities, ranging in severity from somewhat critical to critical, were listed in a security advisory from Drupal. Versions 9.3 and 9.4 of Drupal are vulnerable.
A site and server could be compromised if a hacker is able to run arbitrary code, according to the security advisory, however Drupal said that the version 7 of Drupal is not affected by these flaws.
Additionally, any Drupal versions older than 9.3.x have attained End of Life status, which means they will no longer receive security patches and are therefore dangerous to use.
According to Drupal, an attacker’s ability to issue any commands they want on a server is known as an arbitrary PHP code execution vulnerability.
“…the protections for these two vulnerabilities previously did not work correctly together. As a result, if the site were configured to allow the upload of files with an htaccess extension, these files’ filenames would not be properly sanitized. This could allow bypassing the protections provided by Drupal core’s default .htaccess files and possible remote code execution on Apache web servers.” Drupal said on their advisories.
Apache is the foundation for every other open source web server software, such as PHP and WordPress.
Running a malicious file remotely is referred to as remote code execution, and it allows an attacker to take control of a website or the entire server. The Apache web server software in this particular instance enables the attacker to directly target the web server.
Before you can receive free updates, link building strategies or SEO tips you need to confirm your email right now.
(It’s easy)
Just go to your inbox, open the confirmation email from the SIA, and click the link.
And that’s it!
PS: If you don’t see a confirmation email, please check your spam/junk or promotions folders. Sometimes the confirmation message ends up there by mistake.
Obtenez nos 7 études S.I.A. les plus controversées qui feront trembler la tête même les SEO les plus avancés d’incrédulité.
De plus, nous vous alerterons lorsque nous publierons de nouveaux tests au public.
Obtenga nuestros 7 estudios S.I.A. más controvertidos que harán que incluso el SEO más avanzado sacuda la cabeza con incredulidad.
Además, le avisaremos cuando publiquemos nuevas pruebas al público.
Get Our Most 7 Controversial S.I.A. Studies That Will Make Even the Most Advanced SEO Shake Their Head in Disbelief.
Plus we will alert you when we publish new tests to the public.
