Remotely Exploitable CodeGrrl PHP Products File Inclusion Vulnerability

Published: 2005-11-14
Last Updated: 2005-11-14 19:39:14 UTC
by Patrick Nolan (Version: 1)
Secunia - CodeGrrl Products "siteurl" File Inclusion Vulnerability

"Successful exploitation requires that "register_globals" is enabled."

"Edit the source code to ensure that input is properly sanitised.

Set "register_globals" to "Off"."

FrSIRT CodeGrrl Multiple Products "siteurl" Remote File Inclusion Vulnerability
"Affected Products

PHPCurrently version 2.0 and prior
PHPQuotes version 1.0 and prior
PHPCalendar version 1.0 and prior
PHPClique version 1.0 and prior
PHPFanBase version 2.1 and prior".
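
To check the "register_globals" mitigation quoted above, the following added example (not from Secunia, FrSIRT or CodeGrrl) audits the text of a php.ini, Apache configuration or .htaccess file for directives that turn the setting on. The function names and sample file contents are constructed for illustration; it assumes the last active directive in a file wins and does not merge settings across several files.

```python
import re

TRUTHY = {"1", "on", "true", "yes"}   # values PHP treats as boolean "on"

# php.ini form:            register_globals = On
INI_RE = re.compile(r"^\s*register_globals\s*=\s*\"?([^\s\";]*)", re.I)
# Apache / .htaccess form: php_flag register_globals on
APACHE_RE = re.compile(
    r"^\s*php_(?:admin_)?(?:flag|value)\s+register_globals\s+\"?([^\s\"#]+)",
    re.I)

# Constructed sample inputs, not taken from any real host.
SAMPLE_INI = """\
; register_globals = On
[PHP]
register_globals = Off
register_globals = "On"   ; re-enabled further down
"""
SAMPLE_HTACCESS = "# legacy app\nphp_flag register_globals on\n"


def register_globals_settings(text):
    """Return [(line_no, enabled)] for every active register_globals directive."""
    found = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith((";", "#")):   # commented-out directive
            continue
        m = INI_RE.match(line) or APACHE_RE.match(line)
        if m:
            found.append((no, m.group(1).lower() in TRUTHY))
    return found


def is_enabled(text, default=False):
    """Effective value for one file: last active directive wins.

    default is what to assume when the file sets nothing (assumption:
    the caller supplies the built-in default of the PHP version in use).
    """
    settings = register_globals_settings(text)
    return settings[-1][1] if settings else default


if __name__ == "__main__":
    for name, text in (("php.ini", SAMPLE_INI), (".htaccess", SAMPLE_HTACCESS)):
        for no, on in register_globals_settings(text):
            print(f"{name}:{no}: register_globals {'ON' if on else 'off'}")
        print(f"{name}: effective = {'ON' if is_enabled(text) else 'off'}")
```

A per-directory .htaccess or virtual host directive can re-enable the setting even when php.ini has it off, so each file that applies to the affected scripts needs to be checked.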

