PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:04
Type | Values Removed | Values Added |
---|---|---|
References | () http://rgod.altervista.org/phpdocumentor_130rc4_incl_expl.html - Exploit | |
References | () http://secunia.com/advisories/18248 - | |
References | () http://securityreason.com/securityalert/303 - | |
References | () http://securitytracker.com/id?1015423 - | |
References | () http://www.osvdb.org/22114 - | |
References | () http://www.osvdb.org/22115 - | |
References | () http://www.securityfocus.com/archive/1/420441/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/16080 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/23902 - |
Information
Published : 2005-12-31 05:00
Updated : 2025-04-03 01:03
NVD link : CVE-2005-4593
Mitre link : CVE-2005-4593
CVE.ORG link : CVE-2005-4593
JSON object : View
Products Affected
joshua_eichorn
- phpdocumentor
CWE