Back to search
CVE-2005-3571
Published: Nov 16, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when register_globals is enabled. NOTE: It was later reported that PHPFanBase 2.2 is also affected.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1015206
vdb-entry
x_refsource_SECTRACK
15417
vdb-entry
x_refsource_BID
17542
third-party-advisory
x_refsource_SECUNIA
20051113 PHPCalendar (and some more codegrrl.com products) arbitrary code
mailing-list
x_refsource_BUGTRAQ
ADV-2005-2402
vdb-entry
x_refsource_VUPEN
21664
vdb-entry
x_refsource_BID
176
third-party-advisory
x_refsource_SREASON
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now