John Lim Information for VU#847803

Php variables passed from the browser are stored in global context

Status

Affected

Vendor Statement

From the Change log:

"1.12 6 June 2001

Changed $ADODB_DIR to ADODB_DIR constant to plug a security loophole."

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

John Lim wrote ADODB which was vulnerable to this problem.

If you have feedback, comments, or additional information about this vulnerability, please send us email.