PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
joshua eichorn phpdocumentor 1.2.3 |
||
joshua eichorn phpdocumentor 1.3_rc3 |
||
joshua eichorn phpdocumentor 1.3_rc4 |
||
joshua eichorn phpdocumentor 1.2 |
||
joshua eichorn phpdocumentor 1.2.1 |
||
joshua eichorn phpdocumentor 1.2.2 |