The version of Drupal running on the remote web server is affected by a remote code execution vulnerability in the bundled RESTful Web services (RESTWS) module due to a flaw in how default page callbacks for Drupal entities are altered when handling specially crafted requests. An unauthenticated, remote attacker can exploit this, via a crafted request, to execute arbitrary PHP code.

The Joomla! installation running on the remote web server is affected by a SQL injection vulnerability in the fields.php script due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the disclosure or modification of arbitrary data.

The WordPress application running on the remote web server is version 4.7.x prior to 4.7.2. It is, therefore, affected by a privilege escalation vulnerability in the REST API due to a failure to properly sanitize user- supplied input to the 'id' parameter when editing or deleting blog posts. An unauthenticated, remote attacker can exploit this issue to run arbitrary PHP code, inject content into blog posts, modify blog post attributes, or delete blog posts.

The WordPress REST API is enabled by default as of version 4.7.0. This vulnerability was silently patched in WordPress version 4.7.2.

Note that WordPress is reportedly affected by additional vulnerabilities; however, the scanner has not tested for these.

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

Note: This has been detected using an active check and should be remediated immediately.

A public facing WordPress XML-RPC interface has been detected.

An attacker may be able to launch attacks against the web server Via XML-RPC including:
 - Login into WordPress backend Administrative interface
 - Brute force user credentials
 - Use pingbacks (for scanning or fingerprinting for example)

ID	Name	Severity
98219	Drupal RESTWS Module Page Callback RCE	critical
98218	Joomla! 3.7.0 < 3.7.1 fields.php getListQuery() Method SQLi	critical
98217	WordPress 4.7.x < 4.7.2 REST API 'id' Parameter Privilege Escalation	high
98216	Drupal < 7.58 / 8.x < 8.3.9 / 8.4.x < 8.4.6 / 8.5.x < 8.5.1 Remote Code Execution	critical
98215	WordPress XML-RPC Interface Detected	medium

Detections

Analytics

Component Vulnerability Family for Web App Scanning

critical

critical

high

critical

medium