2 matches found
CVE-2005-2574
The CVE-2005-2574 entry concerns XMB Forum 1.9.1 where the file xmb.php “extracts and defines all provided variables,” allowing a remote attacker to modify arbitrary server variables such as _SERVER[REMOTE_ADDR] . This is a direct impact on server environment data due to improper input handling. ...
CVE-2005-2574
xmb.php in XMB Forum 1.9.1 extracts and defines all provided variables, which allows remote attackers to modify arbitrary server variables such as SERVERREMOTEADDR...