Drupal Resources

Drupal Resources

Drupal Security Advisories

Project: File (Field) PathsDate: 2018-August-15Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:All/E:Theoretical/TD:DefaultVulnerability: Remote Code ExecutionDescription: 

This module enables you to automatically sort and rename your uploaded files using token based replacement patterns to maintain a nice clean filesystem.

The module doesn't sufficiently sanitize the path while a new file is uploading, allowing a remote attacker to...

Project: PHP ConfigurationVersion: 8.x-1.07.x-1.0Date: 2018-August-08Security risk: Critical 17∕25 AC:Basic/A:Admin/CI:All/II:All/E:Theoretical/TD:AllVulnerability: Arbitrary PHP code executionDescription: 

This module enables you to add or overwrite PHP configuration on a drupal website.

The module doesn't sufficiently allow access to set these configurations, leading to arbitrary PHP configuration execution by an attacker.

This...

  • Advisory ID: SA-CORE-2018-005
  • Project: Drupal core
  • Version: 8.x
  • CVE: CVE-2018-14773
  • Date: 2018-August-01
Description

The Drupal project uses the Symfony library. The Symfony library has released a security update that impacts Drupal. Refer to the Symfony security advisory for the issue.

The same vulnerability also exists in the Zend Feed and Diactoros libraries included in Drupal core; however, Drupal core does not use the...

Recent Article

This articles features links and information from the Peerless design Security presentation from various Drupal Camps in the Eastern US. Audio from New Jersey's impromptu presentation can be found on the Drupal Camp NJ site for 2014. The PDF version contains all info removed to accommodate time constraints. The entire presentation is available in a white paper available here.

Drupal Weekly Drop

Issue 352 - August, 16th 2018
Issue 351 - August, 9th 2018
Issue 350 - August, 2nd 2018

Planet Drupal

Simple Website Approach Using a Headless CMS: Part 1 I strongly believe that the path for innovation requires a mix of experimentation, sweat, and failure. Without experimenting with new solutions, new technologies, new tools, we are limiting our ability to improve, arresting our potential to be better, to be faster, and sadly ensuring that we stay rooted in systems, processes and...
Photo by Floriane Vita on UnsplashWhat is digital transformation?

It is 2018 and we are still talking about digital transformation? Wasn’t that finished and done ten or fifteen years ago? Not completely. Based on the study from Grand View Research the global digital transformation market size was valued at $177.27 billion in 2017 and is expected to reach...

Sites Still Vulnerable to Drupalgeddon 2

Attackers are exploiting Drupalgeddon 2 critical vulnerability in Drupal to compromise systems & secretly turn them into malicious cryptocurrency mining machines like cryptojacking malware, mine for Monero.
The only side effects a victim might notice is that their system is running slower or doing more work than usual.

heykarthikwithu Wednesday, 27 June 2018 - 12:55:39 IST

What our clients are saying

...very responsive to our questions and needs
...creative, independent, responsive...
...your punctuality, your casual and open personalities, and both your hard copy and online portfolios speak very highly of you and your business as well
...continued to monitor it closely and is still always available to help me if I have any questions
...we just want you to know that we are appreciative!
...I have no doubt we will have the best site in the 2010 election of any PA candidate
...can do anything any other designer can do and generally quicker, cheaper and better.
I would highly recommend her for any position requiring IT design and development
...took my less than mediocre site and completely revamped it into a beautiful, professional, and easy-to-navigate site
... they also made suggestions which showed me that they fully understood what I wanted to accomplish.
...dedicated, competent and driven to get the job done and done well.
" PDI provides us prompt, effective and efficient service in maintaining our Drupal based website."
I would highly recommend her for any position requiring IT design and development
Thanks so much for everything!
I love directing our customers to our new site knowing that they are going to be able to find exactly what they are looking for...
I have seen the first layouts and they are awesome...
I realized that I had picked the right company to work with soon after beginning a project with Peerless Design, Inc.
...able to take my abstract ideas and add their expertise to bring them to life in a way that was better than I could have imagined!
...able to translate technical information in an accessible way...
I had a very tight deadline and budget, and they met it, seemingly with ease.
...provided us with excellent, expert service in a professional and personable manner.
... incredibly impressed with what you brought to the table
A great experience and a much improved website.
...a pleasure to work with, combining patience (for my busy schedule and at times overwhelmed brain) with her strong motivation and energy to keep me going
I'm so happy we chose to work with PEERLESS Design.