Описание
PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. NOTE: a third party disputes this vulnerability because of the special nature of the SERVER superglobal array.
PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. NOTE: a third party disputes this vulnerability because of the special nature of the SERVER superglobal array.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-4342
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35980
- http://osvdb.org/38880
- http://securityreason.com/securityalert/3005
- http://www.securityfocus.com/archive/1/476274/100/0/threaded
- http://www.securityfocus.com/archive/1/476437/100/0/threaded
- http://www.securityfocus.com/archive/1/476608/100/0/threaded
Связанные уязвимости
PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. NOTE: a third party disputes this vulnerability because of the special nature of the SERVER superglobal array.