CVE-2008-6171 in Drupal
摘要
由 VulDB • 2026-06-21
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.