Short Name |
HTTP:PHP:GLOBALS-INJ |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PHP GLOBALS Variable Overwrite |
Release Date |
2005/04/21 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to misuse the PHP GLOBALS variable. PHP 5.0.3 and earlier versions are vulnerable. Attackers can overwrite the GLOBALS variable.
PHP is prone to a vulnerability that allows attackers to overwrite the GLOBAL variable via HTTP POST requests. By exploiting this issue, remote attackers may be able to overwrite the GLOBAL variable. This may allow attackers to further exploit latent vulnerabilities in PHP scripts.