Drupal Comment_Form_Add_Preview Function Remote Code Execution Vulnerability

info
discussion
exploit
solution
references

Drupal Comment_Form_Add_Preview Function Remote Code Execution Vulnerability

Attackers can exploit this issue via a web client.

The following exploits are available for versions prior to 4.76 and versions prior to 5.1:

/data/vulnerabilities/exploits/22306Drupal4.pl
/data/vulnerabilities/exploits/22306Drupal5.pl