Php-Stats config.php Arbitrary PHP Command Injection

ID OSVDB:23689
Type osvdb
Reporter OSVDB
Modified 2006-03-03T12:47:35


Technical Description

An attacker must supply valid administration authentication credentials (or leverage such privileges via OSVDB 23687) in order to exploit this vulnerability.

Solution Description

Upgrade to version or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor URL: Secunia Advisory ID:19116 Related OSVDB ID: 23687 Related OSVDB ID: 23686 Related OSVDB ID: 23688 Related OSVDB ID: 23685 Other Advisory URL: Mail List Post: Mail List Post: Generic Exploit URL: