7 lines
No EOL
610 B
Text
Executable file
7 lines
No EOL
610 B
Text
Executable file
source: http://www.securityfocus.com/bid/7598/info
|
|
|
|
A vulnerability has been reported for PHP-Proxima. The problem occurs in the autohtml.php script. Specifically, the script fails to verify the contents of a user-supplied variable before including a specified file into an HTML file. As a result, a malicious remote user may be capable of using this as a channel to disclose the contents of arbitrary local system files.
|
|
|
|
It should be noted that all local files would be accessed with the privileges of user invoking PHP-Proxima.
|
|
|
|
http://www.target.org/autohtml.php?op=modload&mainfile=x&name=filename |