Signature Detail

HTTP: PHProjekt "path_pre" Parameter Remote File Include

This signature detects attempts to exploit a vulnerability in the authform.inc.php script included in the PHProjekt package. Attackers can supply a remote location in the "path_pre" input parameter to force the target to download and execute arbitrary PHP code from the remote location.

Extended Description

Remote attackers could exploit this vulnerability to execute arbitrary code on an affected machine.

References

• URL: http://secunia.com/product/4346/
• URL: http://www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=193