Drupal PostgreSQL SQL Injection: From SELECT-Only to RCE

The post references a detailed technical write-up about a SQL injection vulnerability in Drupal when using PostgreSQL as the database backend. The vulnerability allows an attacker to escalate a SELECT-only SQL injection into remote code execution (RCE). The exploit leverages PostgreSQL-specific features and Drupal’s configuration to achieve this escalation. The write-up provides proof-of-concept details for the attack chain.