Twig Remote Arbitrary Script Execution Vulnerability

Solution:
Shaun Clowes <shaun@securereality.com.au> submitted the following in a post to Bugtraq:

Simply add:
unset($config);
unset($vhosts);
at the top of config/config.inc.php3

Also add:
unset($dbconfig);
at the top of config/dbconfig.inc.php3 for good measure.



 

Privacy Statement
Copyright 2010, SecurityFocus