Security Advisory

CVE-2008-6171

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-02-19 15:02:00

Last updated 2024-08-07 11:20:25

Assigner mitre

State PUBLISHED

Description

includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header.

← Browse all CVEs View on cve.org ↗