Full title: Drupal HTTP Parameter Key/Value SQL Injection Vulnerability 
Category: remote exploits
Platform: php
This Metasploit module exploits the Drupal HTTP Parameter Key/Value SQL Injection (aka Drupageddon) in order to achieve a remote shell on the vulnerable instance. This Metasploit module was tested against Drupal 7.0 and 7.31 (was fixed in 7.32).

# 0day.today @ http://0day.today/