phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures[] parameter to index.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpGraphy.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2007-02-04 00:28
Updated : 2024-02-04 17:13
NVD link : CVE-2006-6966
Mitre link : CVE-2006-6966
CVE.ORG link : CVE-2006-6966
JSON object : View
Products Affected
phpgraphy
- phpgraphy
CWE