2 matches found
CVE-2016-3171
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation...
CVE-2016-3171
Drupal 6.x before 6.38 is vulnerable when used with PHP < 5.4.45, 5.5.x < 5.5.29, or 5.6.x