PHP remote file inclusion vulnerability in common.inc.php in PgMarket 2.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CFG[libdir] parameter. Successful exploitation requires that "register_globals" is enabled.
Publication date: Tue, 15 Aug 2006 02:04:00 +0000