<<< Date Index >>>     <<< Thread Index >>>

Re: PHPList <= 2.10.2 remote commands execution



This vulnerability is caused by the PHP globals problem. 
http://www.hardened-php.net/globals-problem

Not vulnerable: PHP 4.4.1 and up or PHP 5.1.0 and up

Fix:

add 

$GLOBALS = array(); 

to the top of the config file