Simple PHP Scripts (sphp) index.php gallery Variable Remote File Inclusion

ID OSVDB:34982
Type osvdb
Reporter OSVDB
Modified 2006-11-20T09:03:54


Technical Description

This vulnerability is only present under the following conditions: - Remote inclusion from FTP servers if allow_url_fopen and allow_url_include PHP options are "on" and that the system is running PHP 5.x. - Local inclusion if magic_quotes_gpc is "off".


Secunia Advisory ID:24912 Mail List Post: CVE-2007-2679 Bugtraq ID: 23534