[Maplab-dev] [Bug 1695] New: [Maplab] (gszAppPath) Remote File
Inclusion Vulnerability
bugzilla-daemon at bugzilla.maptools.org
bugzilla-daemon at bugzilla.maptools.org
Mon Apr 2 14:59:41 EDT 2007
http://bugzilla.maptools.org/show_bug.cgi?id=1695
Summary: [Maplab] (gszAppPath) Remote File Inclusion
Vulnerability
Product: MapLab
Version: 2.2
Platform: All
OS/Version: All
Status: NEW
Severity: critical
Priority: P1
Component: map editor
AssignedTo: maplab-dev at lists.maptools.org
ReportedBy: zjames at dmsolutions.ca
gmapfactory includes a file without verifying the path leading to the potential for remote script execution
if php globals is enabled.
See http://www.securityfocus.com/archive/1/464462/30/0/threaded
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Please do NOT reply to this email, use the link above instead to
login to bugzilla and submit your comment. Any email reply to this
address will be lost.
More information about the Maplab-dev
mailing list