Description
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Remediation
References
Related Vulnerabilities
WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics Arbitrary File Download (0.7)
Microsoft SQL Server Other Vulnerability (CVE-2000-1088)
WordPress Plugin Memphis Documents Library Cross-Site Request Forgery (3.9.20)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-1460)