Multiple PHP vulnerabilities

2006-01-29T00:00:00
ID SECURITYVULNS:VULN:5398
Type securityvulns
Reporter FULL-DISCLOSURE
Modified 2006-01-29T00:00:00

Description

phpinfo() crossite scripting, parse_str() register_globals activisation possibility, $GLOBALS variable modification witrh HTTP POST form 'fileupload' field. It's also possible to modify any variable with GLOBALS[variable].