Command execution in PHProjekt

157

Author: JT Smith

Posted at Net-security.org: “PHProjekt is a modular application for the coordination of group activities and to share informations and document via intranet and internet … Of course – open source – PHProjekt is free software. Actual version: 3.1a (02.02.2002).

This script is a content management system for websites, much like slashcode or phpnuke.

There problem is in the module filemanager, where you can directly access the module and then define values which would have been defined with the script’s global configuration file had the module not be accessed directly.”

Category:

  • Security