FlatNuke verify.php Arbitrary PHP Injection

2005-12-10T17:25:24
ID OSVDB:21750
Type osvdb
Reporter OSVDB
Modified 2005-12-10T17:25:24

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

References:

Vendor URL: http://flatnuke.sourceforge.net Security Tracker: 1015339 Related OSVDB ID: 21749 Other Advisory URL: http://rgod.altervista.org/flatnuke256_xpl.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0103.html ISS X-Force ID: 22159 Generic Exploit URL: http://www.milw0rm.com/id.php?id=1140 CVE-2005-4449