SocketMail inc-common.php site_path Variable Remote File Inclusion

2006-05-25T07:19:19
ID OSVDB:26084
Type osvdb
Reporter OSVDB
Modified 2006-05-25T07:19:19

Description

Technical Description

This vulnerability is only present when the register_globals PHP option is set to \'on\'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

References:

Vendor URL: http://socketmail.com/ Secunia Advisory ID:20273 Related OSVDB ID: 26083 Other Advisory URL: http://www.majorsecurity.de/advisory/major_rls6.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0562.html ISS X-Force ID: 26693 FrSIRT Advisory: ADV-2006-1976 CVE-2006-2681