Multiple Vendor PHPLIB Remote Script Execution Vulnerability

An example was provided by Giancarlo Pinerolo <>:

If $_PHPLIB[libdir] is a string whose value
is "", this instruction will be executed:

require("" . "");

Thus, simply crafting a URL like:[libdir]=

will make the script 'page.php' (which the attacker knows is based on the PHPLIB toolkit) include and execute any arbitrary PHP instruction contained in a file named ''.
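
For defenders, the request pattern described above can be looked for in web server access logs. The following is an added example, not part of the original advisory or of PHPLIB: it flags any request whose query string sets a parameter addressing the _PHPLIB array, including percent-encoded brackets. The log format (common/combined), the addresses, the host name and the log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Request line inside a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# A parameter *name* that addresses the _PHPLIB array, e.g. _PHPLIB[libdir].
PHPLIB_PARAM_RE = re.compile(r'^_PHPLIB(\[|$)')
# A value that starts with a URL scheme is reported separately (assumption:
# these are the entries to triage first).
URL_SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.-]*://', re.I)

# Constructed sample entries (documentation addresses, made-up host name).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2001:10:00:00 +0000] "GET /page.php?id=7 HTTP/1.0" 200 512',
    '198.51.100.7 - - [01/Jan/2001:10:00:05 +0000] '
    '"GET /page.php?_PHPLIB%5Blibdir%5D=http%3A%2F%2Fhost.example.test%2F HTTP/1.0" 200 97',
    '198.51.100.7 - - [01/Jan/2001:10:00:09 +0000] '
    '"GET /page.php?_PHPLIB[libdir]=/tmp/ HTTP/1.0" 200 97',
    # The string appears only as a value here, so it must not be flagged.
    '192.0.2.44 - - [01/Jan/2001:10:01:00 +0000] '
    '"GET /docs.php?topic=_PHPLIB[libdir] HTTP/1.0" 200 300',
]


def phplib_override_attempts(log_lines):
    """Return (client, path, parameter, has_url_scheme) for each request
    that tries to set an element of _PHPLIB through the query string."""
    findings = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parsable request line
        client = line.split(' ', 1)[0]
        path, _, query = match.group('target').partition('?')
        # parse_qsl percent-decodes names and values, so %5Blibdir%5D
        # is recognised the same way as [libdir].
        for name, value in parse_qsl(query, keep_blank_values=True):
            if PHPLIB_PARAM_RE.match(name):
                findings.append(
                    (client, path, name, bool(URL_SCHEME_RE.match(value))))
    return findings


if __name__ == '__main__':
    for client, path, name, has_scheme in phplib_override_attempts(SAMPLE_LOG):
        label = 'URL value' if has_scheme else 'local value'
        print(f'{client} {path} sets {name} ({label})')
```

Only GET query strings are visible in access logs, so the same parameter sent in a request body would need a different log source.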


Copyright 2010, SecurityFocus