2 matches found
Code injection
security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTEADDR variable to 127.0.0.1...
XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit
No description provided by source. XAMPP change administrative password: -------------------------------------------------------------------------------- Written by Michael Brooks special thanks to str0ke Affects XAMPP 1.6.8. homepage: http://www.apachefriends.org/ XAMPP has 17+ million downloads...