Vulnerabilities > Drupal > Drupal > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-19 | CVE-2008-6171 | Improper Input Validation vulnerability in Drupal includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header. | 9.3 |