So we inherited this Drupal web application from a third party. We are not very familiar with Drupal or PHP & tried running a security scan on the URL and found the following vulnerability:
Blind SQL Injection on http://www.appname.com/search/node/user?page=2
I am not 100% sure if this is a false alarm or if we need to remediate it.
Our version is Drupal 7.34, PHP 5.3.3
Is this a known security vulnerability on this Drupal version and is there a patch I can apply?
Or would this need a code fix?
I would appreciate some responses from Drupal experts.
Scan Results:
Payload page=2')%20or%20's'%3D's
Request GET http://www.myapp.com/search/node/user?page=2')%20or%20's'%3D's
__hstc=152192870.83eb34050462bfd32039cf97dffcf9d7.1445954937606.1445954937606.1445954937606.1; __hssrc=1; __atssc=link%3B2;
Click this link to try to reproduce the vulnerability using above payload. Note that clicking this link may not lead to visible results, either because the vulnerability requires context to be previously set (authentication, cookies...) or because the exploitation of the vulnerability does not lead to any visible proof.
This vulnerability was identified using the difference in responses for TRUE and FALSE payloads. This vulnerability is confirmed based on the difference in the response content (detected using fuzzy match). Content of all TRUE responses differ from FALSE responses (detected using fuzzy match).
True condition: http://www.myapp.com/search/node/user?page=2')%20or%20's'%3D's
False condition: http://www.myapp.com/search/node/user?page=2')%20and%20'w'%3D's
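The scan report above flags the finding because TRUE and FALSE responses differ under a fuzzy match. As an added example (not part of the original post and not the scanner's own code), here is a triage check for that kind of finding: it compares the TRUE/FALSE difference with the variation between two identical baseline requests and ignores the payload echoed back in the page. The response bodies, function names and the 0.02 margin are constructed assumptions.

```python
import html
from difflib import SequenceMatcher
from urllib.parse import quote

# Decoded TRUE/FALSE payloads exactly as they appear in the scan report.
TRUE_PAYLOAD = "2') or 's'='s"
FALSE_PAYLOAD = "2') and 'w'='s"

def difference(a: str, b: str) -> float:
    """0.0 = identical bodies, 1.0 = nothing in common (fuzzy match)."""
    return 1.0 - SequenceMatcher(None, a, b, autojunk=False).ratio()

def strip_reflection(body: str, payload: str) -> str:
    """Remove the echoed payload (raw, URL-encoded, HTML-escaped) from a body."""
    for form in {payload, quote(payload), quote(payload, safe=""), html.escape(payload)}:
        body = body.replace(form, "")
    return body

def triage(base_a, base_b, true_body, false_body, margin=0.02):
    """base_a/base_b: two responses to the same unmodified request."""
    noise = difference(base_a, base_b)  # form tokens, timestamps, etc.
    signal = difference(strip_reflection(true_body, TRUE_PAYLOAD),
                        strip_reflection(false_body, FALSE_PAYLOAD))
    return "likely-false-positive" if signal <= noise + margin else "needs-manual-review"

# Constructed sample responses (not captured from any real site).
def sample_page(token, echoed_page, results):
    items = "".join(f"<li>{r}</li>" for r in results)
    return (f"<html><input name='form_token' value='{token}'><ul>{items}</ul>"
            f"<a href='/search/node/user?page={quote(echoed_page)}'>next</a></html>")

HITS = ["user guide", "user login", "user roles"]
BASE_A = sample_page("tok-aaaa", "2", HITS)
BASE_B = sample_page("tok-bbbb", "2", HITS)
# Case 1: same results either way; only the token and the echoed parameter differ.
ECHO_TRUE = sample_page("tok-cccc", TRUE_PAYLOAD, HITS)
ECHO_FALSE = sample_page("tok-dddd", FALSE_PAYLOAD, HITS)
# Case 2: the injected condition changes what the query returns.
DATA_TRUE = sample_page("tok-cccc", TRUE_PAYLOAD, HITS)
DATA_FALSE = sample_page("tok-dddd", FALSE_PAYLOAD, [])

if __name__ == "__main__":
    print(triage(BASE_A, BASE_B, ECHO_TRUE, ECHO_FALSE))
    print(triage(BASE_A, BASE_B, DATA_TRUE, DATA_FALSE))
```

A "likely-false-positive" result only means the page content did not change beyond its normal noise; the query code behind the parameter still deserves a look.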
Drupal is actually at version 7.41; a few versions between 7.34 and 7.41 were critical, so I would suggest upgrading (even if the last major one was before 7.34). Because it is hard to tell what is using your site (openID, ...?), even if a problem with search modules does not ring a bell for me. Also take a look at the search module you have on this site; it might be a completely outdated contributed module.