The version of Drupal installed on the remote server is 7.x prior to 7.58, and is affected by a flaw in the βpreHandle()β function in βcore/lib/Drupal/Core/DrupalKernel.phpβ that is triggered as certain parameter keys within HTTP requests are not properly sanitized. This may allow a remote attacker to execute arbitrary code. This issue may be exploited using multiple unspecified attack vectors.
Binary data 700224.prm