OpenDock Easy Blog sw/lib_up_file/file.php doc_directory Variable Remote File Inclusion

ID OSVDB:29635
Type osvdb
Reporter Dedi Dwianto(
Modified 2006-10-09T07:34:59


Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

Manual Testing Notes



Vendor URL: Security Tracker: 1017027 Secunia Advisory ID:22335 Related OSVDB ID: 29634 Related OSVDB ID: 29640 Related OSVDB ID: 29636 Related OSVDB ID: 29637 Related OSVDB ID: 29638 Related OSVDB ID: 29639 Related OSVDB ID: 29641 Related OSVDB ID: 29642 Other Advisory URL: Mail List Post: Keyword: ECHO_ADV_50$2006 ISS X-Force ID: 29399 Generic Exploit URL: FrSIRT Advisory: ADV-2006-3970 CVE-2006-5244 Bugtraq ID: 20408