Gentoo Linux Security Advisory 200510-21...

- AV AC AU C I A
发布: 2005-10-26
修订: 2025-04-13

Gentoo Linux Security Advisory GLSA 200510-21 - Stefan Esser discovered that by calling certain PHP files directly, it was possible to workaround the grab_globals.lib.php security model and overwrite the $cfg configuration array. Systems running PHP in safe mode are not affected. Furthermore, Tobias Klein reported several cross-site-scripting issues resulting from insufficient user input sanitizing. Versions less than 2.6.4_p3 are affected.

0%

漏洞利用/PoC

当前有1条漏洞利用/PoC

受影响的平台与产品

当前有0条受影响产品信息