Description
prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and earlier, IMP before 2.2.6, and other packages that use PHPLib.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by giancarlo pinerolo · text · webapps · php
https://www.exploit-db.com/exploits/21022
References (8)
Core References
Vendor Advisory vendor-advisory
x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2001/dsa-073
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/198495
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/6892.php
Various Sources vendor-advisory
x_refsource_caldera
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-027.0.txt
Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/198768
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=99616122712122&w=2
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3079
Scores
EPSS
0.3007
EPSS Percentile
96.7%
Details
Status
published
Products (4)
phplib_team/phplib
7.2
phplib_team/phplib
7.2.1
phplib_team/phplib
7.2b
phplib_team/phplib
7.2c
Published
Jul 21, 2001
Tracked Since
Feb 18, 2026