SquirrelMail functions/plugin.php plugins[] Variable Local File Inclusion

2006-05-31T09:20:26
ID OSVDB:25973
Type osvdb
Reporter OSVDB
Modified 2006-05-31T09:20:26

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off' and the register_globals PHP option is 'on'.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1016209 Secunia Advisory ID:26235 Secunia Advisory ID:20406 Secunia Advisory ID:20931 Secunia Advisory ID:21159 Secunia Advisory ID:21262 RedHat RHSA: RHSA-2006:0547 Other Advisory URL: http://docs.info.apple.com/article.html?artnum=306172 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0707.html FrSIRT Advisory: ADV-2006-2101 CVE-2006-2842 Bugtraq ID: 18231