1 matches found
CVE-2005-2106
Drupal 4.5.0–4.6.1 contains a vulnerability that allows remote attackers to execute arbitrary PHP code via public comments or postings. Debian’s DSA-745-1 fixes this in 4.5.3-3; upgrade recommended to remediate.