N/A

phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures[] parameter to index.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpGraphy.

N/A

N/A

phpGraphy PHP代码执行漏洞

phpGraphy 0.9.13a版本之前的版本版本当输入数据包含一个具有与一个字母数字参数的信息值相匹配的数字参数时，没有适当地设置自变量。这会允许远程攻击者可以借助对index.php的pictures[]参数上传一个config.php文件，执行任意PHP代码。注意：未安装的PHP指令(CVE-2006-3017)中存在错误是形成漏洞的原因尚存在争议，且合适的修复应该在PHP中;如果是这样的话，该漏洞应该当作phpGraphy中的漏洞对待。

N/A

N/A