### [CVE-2014-3704](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3704)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.

### POC

#### Reference
- http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.html
- http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.html
- http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-Injection.html
- http://seclists.org/fulldisclosure/2014/Oct/75
- http://www.exploit-db.com/exploits/34984
- http://www.exploit-db.com/exploits/34993
- http://www.exploit-db.com/exploits/35150
- http://www.openwall.com/lists/oss-security/2014/10/15/23
- https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html
- https://www.sektioneins.de/en/blog/14-11-03-drupal-sql-injection-vulnerability-PoC.html

#### Github
- https://github.com/0ps/pocassistdb
- https://github.com/1120362990/vulnerability-list
- https://github.com/20142995/pocsuite3
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/AleDiBen/Drupalgeddon
- https://github.com/BCyberSavvy/Python
- https://github.com/CCrashBandicot/helpful
- https://github.com/CLincat/vulcat
- https://github.com/CyberSavvy/python-pySecurity
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/HimmelAward/Goby_POC
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/Z0fhack/Goby_POC
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/catsploit/catsploit
- https://github.com/enomothem/PenTestNote
- https://github.com/happynote3966/CVE-2014-3704
- https://github.com/hxysaury/saury-vulnhub
- https://github.com/ipirva/NSX-T_IDS
- https://github.com/jweny/pocassistdb
- https://github.com/kalivim/pySecurity
- https://github.com/koutto/jok3r-pocs
- https://github.com/maya6/-scan-
- https://github.com/moradotai/CMS-Scan
- https://github.com/q99266/saury-vulnhub
- https://github.com/smartFlash/pySecurity
- https://github.com/superfish9/pt
- https://github.com/superlink996/chunqiuyunjingbachang
- https://github.com/t0m4too/t0m4to
- https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
- https://github.com/xinyisleep/pocscan