CVE-2006-0479
pmwiki.php in PmWiki 2.1 beta 20, with registerglobals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS variable with the same name, which causes PmWiki to unset the GLOBALS variable but not the GPC...