CVE-2014-3704

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.

Published: Oct 16, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3704
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
drupal / drupal	7.0	7.32
debian / debian_linux	7.0	7.0.x

http://osvdb.org/show/osvdb/113371
http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.html
http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.html
http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-Injection.html
http://seclists.org/fulldisclosure/2014/Oct/75
http://secunia.com/advisories/59972
http://www.debian.org/security/2014/dsa-3051
http://www.exploit-db.com/exploits/34984
http://www.exploit-db.com/exploits/34992
http://www.exploit-db.com/exploits/34993
http://www.exploit-db.com/exploits/35150
http://www.openwall.com/lists/oss-security/2014/10/15/23
http://www.securityfocus.com/archive/1/533706/100/0/threaded
http://www.securityfocus.com/bid/70595
https://www.drupal.org/SA-CORE-2014-005
https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html
https://www.sektioneins.de/en/blog/14-11-03-drupal-sql-injection-vulnerability-PoC.html

Vulnerability Database

289,697

CVE-2014-3704