On Monday 20 August 2007 23:10:22 Coopercentral (at) gmail (dot) com [email concealed] wrote:
> HI:
>
> I am the creator of this poll script, and would like to do whatever
> possible to make this NOT vulnerable. Â Thanks for finding this, and hope I
> can help.
I guess, if "register_globals" option is off (it's off by default since php4),
this exploit will fail and not work..
Please make sure that you disabled "register_globals" option in your php.ini
who uses this script and who uses php.
> HI:
>
> I am the creator of this poll script, and would like to do whatever
> possible to make this NOT vulnerable. Â Thanks for finding this, and hope I
> can help.
I guess, if "register_globals" option is off (it's off by default since php4),
this exploit will fail and not work..
Please make sure that you disabled "register_globals" option in your php.ini
who uses this script and who uses php.
[ reply ]