PHPRecipeBook classes/Import_MM.class.php g_rb_basedir Variable Remote File Inclusion

2006-10-17T04:49:18
ID OSVDB:29743
Type osvdb
Reporter OSVDB
Modified 2006-10-17T04:49:18

Description

Solution Description

Upgrade to version 2.37 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://phprecipebook.sourceforge.net/ Secunia Advisory ID:22427 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0312.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0300.html ISS X-Force ID: 29611 Generic Exploit URL: http://www.milw0rm.com/exploits/2584 FrSIRT Advisory: ADV-2006-4051 CVE-2006-5399 Bugtraq ID: 20575