Multiple PHP vulnerabilities updated since 31.10.2005
Published:		29.01.2006
Source:		FULL-DISCLOSURE
SecurityVulns ID:		5398
Type:		library
Level:		6/10
Description:		phpinfo() crossite scripting, parse_str() register_globals activisation possibility, $GLOBALS variable modification witrh HTTP POST form 'fileupload' field. It's also possible to modify any variable with GLOBALS[variable].

Affected:		PHP : PHP 5.0
		PHP : PHP 4.4

Original document		ascii, PHP5 Globals Vulnerability: with ?GLOBALS[foobar] you can set the value of the un-initialized $foobar variable. (29.01.2006)
		SECUNIA, [SA17763] PHP "mb_send_mail()" "To:" Header Injection Vulnerability (28.11.2005)
		Juha-Matti Laurio, PHP Version 5.1.0 Update Fixes Several Vulnerabilities (26.11.2005)
		Stefan Esser, [Full-disclosure] Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability (31.10.2005)
		Stefan Esser, [Full-disclosure] Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() (31.10.2005)
		Stefan Esser, [Full-disclosure] Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() (31.10.2005)

Discuss:

Read or add your comments to this news (0 comments)