PHP5 Globals Vulnerability Name PHP5 Globals Vulnerability Systems Affected PHP5 (verified on 5.1.1 and 5.1.2) Severity Critical Vendor www.php.net Advisory http://www.ush.it/2006/01/25/php5-globals-vulnerability/ Author Francesco "aScii" Ongaro (ascii at katamail . com) Date 20060125
With ?GLOBALS[foobar] you can set the value of the un-initialized $foobar variable. Advisory released on 20060128: PHP5 Globals Vulnerability http://www.ush.it/2006/01/25/php5-globals-vulnerability/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/