StoreFront for Gallery mods/ui_functions.php GALLERY_BASEDIR Variable Remote File Inclusion

ID OSVDB:34970
Type osvdb
Reporter OSVDB
Modified 2007-04-16T07:18:53


Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).


Secunia Advisory ID:24890 Related OSVDB ID: 34969 Other Advisory URL: ISS X-Force ID: 33701 Generic Exploit URL: FrSIRT Advisory: ADV-2007-1423 CVE-2007-2068 Bugtraq ID: 23516