Discover Hacks/Cracks News
Advisory says to assume all Drupal 7 websites are compromised
The SQL Injection vulnerability exists in an API used by Drupal, which is supposed to prevent SQL Injection. It was re-discovered by German security firm SektionEins in September, after a Drupal user hired them to check for vulnerabilities.
The link for this article located at CSO Online is no longer available.