How it works...
In this recipe, we first downloaded CMSmap from its GitHub source code repository using the git command-line client with the clone command, which makes a local copy of the specified repository. Once CMSmap was installed, we checked it was ready to execute and saw the usage options, then we ran it against our target.
In the results, we saw a vulnerability rated as high impact by the scanner and looked online for information about it, finding that it was an SQL injection with several publicly available exploits.
This vulnerability was disclosed in Drupal's security advisory SA-CORE-2014-005 (https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2014-10-15/sa-core-2014-005-drupal-core-sql). According to ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access