wp-Table Plugin for WordPress js/wptable-button.php wpPATH Variable Local File Inclusion

2007-05-02T05:38:31
ID OSVDB:37297
Type osvdb
Reporter OSVDB
Modified 2007-05-02T05:38:31

Description

Technical Description

This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).

References:

Secunia Advisory ID:25063 Other Advisory URL: http://advisories.echo.or.id/adv/adv82-K-159-2007.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-05/0013.html Keyword: ECHO_ADV_82$2007 ISS X-Force ID: 33989 Generic Exploit URL: http://www.milw0rm.com/exploits/3824 FrSIRT Advisory: ADV-2007-1614 CVE-2007-2483