Quick.Cart actions_client/orders.php config[db_type] Variable Traversal Local File Inclusion

2006-12-05T07:03:58
ID OSVDB:31749
Type osvdb
Reporter OSVDB
Modified 2006-12-05T07:03:58

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off' and the register_globals PHP option is 'on'.

References:

Secunia Advisory ID:23168 Related OSVDB ID: 31745 Related OSVDB ID: 31747 Related OSVDB ID: 31750 Related OSVDB ID: 31740 Related OSVDB ID: 31746 Related OSVDB ID: 31748 ISS X-Force ID: 30698 Generic Exploit URL: http://www.milw0rm.com/exploits/2889 FrSIRT Advisory: ADV-2006-4835 CVE-2006-6390 Bugtraq ID: 21411