Bugtraq mailing list archives
Re: PHPCentral Poll Script Remote Command Execution Vulnerability
From: Eren Türkay <turkay.eren () gmail com>
Date: Tue, 21 Aug 2007 00:11:57 +0300
On Monday 20 August 2007 23:10:22 Coopercentral () gmail com wrote:
HI: I am the creator of this poll script, and would like to do whatever possible to make this NOT vulnerable. Thanks for finding this, and hope I can help.
I guess, if "register_globals" option is off (it's off by default since php4), this exploit will fail and not work.. Please make sure that you disabled "register_globals" option in your php.ini who uses this script and who uses php.
Current thread:
- PHPCentral Poll Script Remote Command Execution Vulnerability rizgar (Aug 13)
- <Possible follow-ups>
- Re: PHPCentral Poll Script Remote Command Execution Vulnerability Coopercentral (Aug 20)
- Re: PHPCentral Poll Script Remote Command Execution Vulnerability Eren Türkay (Aug 20)