{"vulnerability": "CVE-2019-6340", "sightings": [{"uuid": "8ef49f00-1039-401d-be31-6bf368064200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "bd931ce5-f3ec-448e-bb89-be57b46054a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46510", "content": "", "creation_timestamp": "2019-03-07T00:00:00.000000Z"}, {"uuid": "5144f3ec-69c7-4f1c-95c3-c92e59bc34d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "MISP/a09d8c93-444c-40d7-845a-628a69f6c667", "content": "", "creation_timestamp": "2024-11-14T06:09:27.000000Z"}, {"uuid": "773e7bda-3152-490f-ab0a-c0429024be7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971440", "content": "", "creation_timestamp": "2024-12-24T20:29:22.433225Z"}, {"uuid": "9ee46c87-fb57-4ba5-b1b2-7c1cb83155a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "8ab52afb-e7bd-4b46-8a1c-c5f1a4de0141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:17.000000Z"}, {"uuid": "2f65e66c-9e44-4574-87e0-434e3a1f3bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/drupal_restws_unserialize.rb", "content": "", "creation_timestamp": "2019-03-06T03:17:20.000000Z"}, {"uuid": "534da24f-b0f3-4b70-a74f-b6ae5c481138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:24.000000Z"}, {"uuid": "05a7084b-63a0-4df8-8275-2ea6c374dcec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=366", "content": "", "creation_timestamp": "2019-02-21T04:00:00.000000Z"}, {"uuid": "3d1dd2a0-956b-4989-b6dc-b937849312d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "Telegram/toAfJHPsYpkCQM7OukT91s34EN6OrVWI3nj1J-8l-rer_yQ", "content": "", "creation_timestamp": "2024-09-09T03:26:21.000000Z"}, {"uuid": "7f7e2c60-dd71-4ca7-ac30-a7f8020aa92f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ff21fa49-83c3-4561-9678-df4206d079ea", "content": "", "creation_timestamp": "2026-02-02T12:28:00.943196Z"}, {"uuid": "9aa1dcb0-40fa-476c-b4b1-5734b5d61f73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/rce/cve20196340", "content": "", "creation_timestamp": "2022-05-23T23:23:45.000000Z"}, {"uuid": "8b6f84d3-833b-40e2-be56-b2f77662bdf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5130", "content": "https://medium.com/@SecurityBender/building-a-real-world-web-honeypot-for-cve-2019-6340-rce-in-drupal-core-f4240f989c3f", "creation_timestamp": "2019-05-27T15:33:19.000000Z"}, {"uuid": "5d9d5484-6e23-439c-b6c5-8b72f5d70da1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "https://t.me/antichat/3730", "content": "(CVE-2019-6340) Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution https://www.ambionics.io/blog/drupal8-rce #web #drupal #rce #poc", "creation_timestamp": "2019-02-24T08:14:24.000000Z"}, {"uuid": "1f1a7338-9e2d-43ee-ab2b-0b8508af70d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://t.me/CyberGovIL/361", "content": "\u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05e0\u05d7\u05e9\u05e4\u05d4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea (CVE-2019-6340) \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d7\u05d5\u05e4\u05e9\u05d9\u05ea \u05dc\u05e0\u05d9\u05d4\u05d5\u05dc \u05ea\u05d5\u05db\u05df \u05d1\u05d0\u05ea\u05e8\u05d9 WEB -Drupal .\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05d1\u05ea\u05e0\u05d0\u05d9\u05dd \u05de\u05e1\u05d5\u05d9\u05de\u05d9\u05dd \u05dc\u05ea\u05d5\u05e7\u05e3 \u05dc\u05d4\u05e8\u05d9\u05e5 \u05e7\u05d5\u05d3  PHP\u05de\u05e8\u05d7\u05d5\u05e7 (RCE).", "creation_timestamp": "2019-02-21T16:28:00.000000Z"}, {"uuid": "2d2ada5c-a34d-4628-abfa-15e7fdee96f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "https://t.me/R0_Crew/963", "content": "(CVE-2019-6340) Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution https://www.ambionics.io/blog/drupal8-rce POC: https://gist.github.com/leonjza/d0ab053be9b06fa020b66f00358e3d88 #web #drupal #rce #poc", "creation_timestamp": "2019-03-07T14:24:08.000000Z"}, {"uuid": "6309452c-5bea-43e6-b306-233afa5604c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/_mJtDy9q98eTgpcwkcTAP3RnkS9OtvorcW707YvSSaKbfwI", "content": "", "creation_timestamp": "2024-09-09T03:20:25.000000Z"}, {"uuid": "4ec53fc1-c079-4389-9413-09912b080bc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "https://t.me/news4hack/294", "content": "\ud83d\udc80 Exploit Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution CVE-2019-6340\nhttps://sploitus.com/exploit?id=EDB-ID:46452", "creation_timestamp": "2019-02-24T20:40:50.000000Z"}, {"uuid": "3e9d433a-e1fb-4793-b438-54b28f4dbc9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "https://t.me/news4hack/320", "content": "Add Drupal SA-CORE-2019-003 (CVE-2019-6340) \u00b7 Issue #11481 \u00b7 rapid7/metasploit-framework \u00b7 GitHub\nhttps://github.com/rapid7/metasploit-framework/pull/11481#issuecomment-469951674", "creation_timestamp": "2019-03-07T05:01:26.000000Z"}, {"uuid": "d2ac8f03-45a3-41f0-9c94-73234a646a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/Ag_tNuD2FFhIdR24FpzYxpagTqHglSt8zImyl2gJh_N0CQ", "content": "", "creation_timestamp": "2024-09-09T03:26:21.000000Z"}, {"uuid": "0c3a5459-432e-4367-8011-964d096bcbe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/hJCg1pTNv67vveEozldwa76R6N7UHwHeTTkXsYooTvmHbg", "content": "", "creation_timestamp": "2024-09-09T03:20:25.000000Z"}, {"uuid": "86d65b0a-f4c7-423d-9be4-3f7f28f3fa22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "https://t.me/ctinow/8529", "content": "Hackers Actively Exploiting Latest Drupal RCE Flaw Published This Week Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on vulnerable Drupal websites that have not yet applied patches and are still vulnerable.\n\nLast week, developers of the popular open-source content management system Drupal patched a critical remote code execution (RCE) vulnerability (CVE-2019-6340) in Drupal", "creation_timestamp": "2019-02-26T13:47:49.000000Z"}, {"uuid": "af103337-7a2b-4790-946b-6c3ab0fe7175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://t.me/arpsyndicate/4829", "content": "#ExploitObserverAlert\n\nCVE-2019-6340\n\nDESCRIPTION: Exploit Observer has 160 entries in 16 file formats related to CVE-2019-6340. Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)\n\nFIRST-EPSS: 0.974820000\nNVD-IS: 5.9\nNVD-ES: 2.2\nARPS-PRIORITY: 0.9540601", "creation_timestamp": "2024-04-24T22:03:14.000000Z"}, {"uuid": "e57a0483-90ea-4e85-838e-ba97efb3feb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/w-AiTcO4OdtJWC9-QUfpVVEw4ar3nG9n0OJ3QP_b-AjN_1Y", "content": "", "creation_timestamp": "2024-09-09T16:00:14.000000Z"}, {"uuid": "fab7fcb1-bd9f-484c-8da5-a470f96f8f93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/wZqYm_ZrqBlGb-4ZkLK-TogIlYcGD44oCisg-wwCE21TfZw", "content": "", "creation_timestamp": "2024-09-09T03:20:22.000000Z"}, {"uuid": "7e6c49be-ffa4-4922-b726-5859a43e71bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/WzLqTM0PzTfC2EZNslHCZODOPYSUicV39Ey-NfwO-9YA_pK3jQ", "content": "", "creation_timestamp": "2024-06-26T14:13:36.000000Z"}, {"uuid": "cddf84ef-0018-421d-929b-fde51397d398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/0D_dYVpr-kFDPfL1GvMVJnXHIW4YAYU8_NscrrZptVqi_ls", "content": "", "creation_timestamp": "2024-09-09T03:26:20.000000Z"}, {"uuid": "84771f06-5993-482a-bc0f-f99792e29afb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://t.me/arpsyndicate/1406", "content": "#ExploitObserverAlert\n\nCVE-2019-6340\n\nDESCRIPTION: Exploit Observer has 67 entries related to CVE-2019-6340. Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)\n\nFIRST-EPSS: 0.974840000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-05T06:00:26.000000Z"}, {"uuid": "e520f028-bdd7-42c9-8796-d4866d6104f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/868lZOSEh9JbROnB7X_Ag_nhCCfkNPR5f-N3cylbdHdGY7Y", "content": "", "creation_timestamp": "2024-09-09T03:20:25.000000Z"}, {"uuid": "02f7782b-235d-41f9-81a0-6071141fcb9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/ioVEeSD9u7LQ6e-eFwO7j9vOgC_1yBfqaFzLrXYGKpOCfAx9gA", "content": "", "creation_timestamp": "2024-09-09T03:26:20.000000Z"}, {"uuid": "d06ec29a-86e9-4a7d-acf1-c5a5fdf65cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/fkIQOixNVzZspcQ4xddK4WJQPIed-TN8KgWqybMnKfzPY46m9A", "content": "", "creation_timestamp": "2024-06-27T10:31:03.000000Z"}, {"uuid": "8a9c6c1c-c359-468f-91f2-b6f29e07bec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://t.me/thehackernews/201", "content": "Drupal releases software updates to patch a new CRITICAL remote code execution flaw (CVE-2019-6340) that could allow hackers to hijack websites \u2014 UPDATE your site ASAP!\n\nhttps://thehackernews.com/2019/02/hacking-drupal-vulnerability.html", "creation_timestamp": "2019-02-22T14:49:00.000000Z"}, {"uuid": "eb70500c-1998-493b-999e-bf8c0f6c27b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/Xiv2zHpqeSn3Oc9VuSrkJCblIgDFeLV5YpIZBGMDwHsD", "content": "", "creation_timestamp": "2021-08-29T17:34:12.000000Z"}, {"uuid": "c0bd576c-aefb-45a8-ae6b-6b6b3d50ec31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "Telegram/1VUd7eRR-ph39YMF-7fh2DmbZiFsDdjQ0u1eG7fz02uY", "content": "", "creation_timestamp": "2021-08-29T17:32:23.000000Z"}, {"uuid": "3e95695f-f21e-40f4-9c74-05b05aa57b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "seen", "source": "https://t.me/SecLabNews/4314", "content": "\u0412 \u044f\u0434\u0440\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u043e\u043c Drupal \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2019-6340), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0438\u043f\u0430\u0445 \u043f\u043e\u043b\u0435\u0439, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 PHP-\u043a\u043e\u0434.    \n\u0412 Drupal \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c", "creation_timestamp": "2019-02-21T10:04:49.000000Z"}, {"uuid": "4a244ef4-6218-4302-8801-4bacf86e84b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "https://t.me/SecLabNews/4349", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u0441\u0430\u0439\u0442\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 CMS Drupal \u0441 \u0446\u0435\u043b\u044c\u044e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0434\u043b\u044f \u043c\u0430\u0439\u043d\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b. \u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u0442\u0430\u043a \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-6340 \u0432 Drupal, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.    \nPoC-\u043a\u043e\u0434 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Drupal \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0441\u0430\u0439\u0442\u044b", "creation_timestamp": "2019-02-26T10:25:33.000000Z"}, {"uuid": "95a02eae-ec49-4256-8f16-3aa74305b0ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "exploited", "source": "https://t.me/hackingtoolsprvi8/5", "content": "OsCommerce Exploits boom\n\n- OsCommerce 2.x Core RCE\nDrupal Exploits boom\n\n- Drupal Add admin \n- Drupal BruteForcer\n- Drupal Geddon2 Exploit - Upload shell + Index \n- CVE-2019-6340 Drupal8 RCE Exploit\nJoomla Exploits boom\n\n- Joomla BruteForcer\n- RCE joomla 1.x < 3.x\n- Add Admin joomla 0day 3.x\n- JCE Index + upload Shell Priv8\n- jdownloads index + shell priv8\n- com_media Index\n- Com_fabrik index + Shell priv8\n- com_alberghi Index \n- Com_AdsManager index + Shell priv8 Method\n- Com_MyBlog Index \n- Com_CCkJseblod Config Download\n- Com_Macgallery Config Download\n- Com_Joomanager Config download\n- Com_Hdflvplayer Config Download\n- Com_s5_media_player Config Download\n- Com_FoxContact UploadShell + Index\n- Com_Jbcatalog Upload Index & Shell\n- Com_SexyContactform Upload Index & Shell\n- Com_rokdownloads Upload Index & Shell\n- Com_extplorer Upload Index & Shell\n- Com_jwallpapers Upload Index & Shell\n- Com_facileforms Upload Index & Shell\nWordpress Exploits boom\n\n- Wp 4.7 Content Injection \n- Revslider css Index + Config", "creation_timestamp": "2019-08-26T07:06:49.000000Z"}, {"uuid": "3ecd5182-4e1b-4696-8c2d-0544db29eb2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/5555", "content": "Building a real-world web honeypot for CVE-2019\u20136340 (RCE in Drupal core)\nhttps://medium.com/@SecurityBender/building-a-real-world-web-honeypot-for-cve-2019-6340-rce-in-drupal-core-f4240f989c3f", "creation_timestamp": "2019-05-27T19:00:54.000000Z"}, {"uuid": "274c861f-0823-424c-98bc-c471abbd9fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-6340", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/172", "content": "#Offensive_security\n1. Exploiting Drupal8's REST RCE\n(PoC for CVE-2019-6340)\nhttps://www.ambionics.io/blog/drupal8-rce\n2. Kerberoasting Revisited\nhttps://posts.specterops.io/kerberoasting-revisited-d434351bd4d1", "creation_timestamp": "2022-01-28T21:45:56.000000Z"}]}