[VIM] CVE dispute - phpMyConferences RFI

Steven M. Christey coley at mitre.org
Thu Nov 2 20:58:20 EST 2006

Researcher: mfp.c

Issue: phpMyConferences <= 8.0.2 Remote File Inclusion

The referenced code:

  # if (!$gloaded_modules[$image_name])
  # {
  # include($lvc_modules_dir.'/'.$module_name.'.module.php');
  # $gloaded_modules[$module_name] = true;
  # }

is missing some context, i.e.:

function insert_cached_module($module_desc)
    global $lvc_modules_dir;
    if (!$gloaded_modules[$module_name])

Since this include is within a function definition, the claimed
exploit (direct request to library.inc.php) should not work.

I'm unclear on whether a global declaration for a variable within a
function definition is sufficient to override initialization from
things like GET requests, but at best, the direct request to
library.inc.php appears erroneous.

- Steve
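
The scope argument in the message above, as an added triage example in Python (not code from the post, the researcher, or phpMyConferences): it reports, for each include/require whose path contains a variable, whether it sits at file top level (runs on a direct request to the file) or inside a function body (runs only when something calls the function), and which of its path variables are read from global scope. The sample PHP is constructed, `classify_includes` is a hypothetical name, and the scanner is a regex heuristic, not a full PHP parser.

```python
import re
# Constructed sample: function as excerpted in the post (braces assumed); line 2 is invented.
SAMPLE = r"""<?php
include($cfg_dir.'/settings.php');

function insert_cached_module($module_desc)
{
    global $lvc_modules_dir;
    if (!$gloaded_modules[$module_name])
    {
        include($lvc_modules_dir.'/'.$module_name.'.module.php');
        $gloaded_modules[$module_name] = true;
    }
}
"""

TOKEN = re.compile(r"""
    (?P<skip>//[^\n]*|\#[^\n]*|/\*.*?\*/|'(?:\\.|[^'\\])*'|"(?:\\.|[^"\\])*")
  | (?P<func>(?<![\w$])function\b\s*&?\s*(?P<name>\w*))
  | (?P<glob>(?<![\w$])global\s+(?P<gvars>[^;]*);)
  | (?P<inc>(?<![\w$])(?:include|require)(?:_once)?\b(?P<expr>[^;]*);)
  | (?P<open>\{) | (?P<close>\}) | (?P<semi>;)
""", re.S | re.X)

def classify_includes(src):
    """Report each include/require whose path uses a variable, with its scope."""
    depth, pending, funcs, found = 0, None, [], []  # funcs: (name, body depth, globals)
    for m in TOKEN.finditer(src):
        kind = m.lastgroup
        if kind == "func":
            pending = m.group("name") or "{closure}"
        elif kind == "semi":
            pending = None                      # declaration without a body
        elif kind == "open":
            depth += 1
            if pending:                         # this brace opens a function body
                funcs.append((pending, depth, set()))
                pending = None
        elif kind == "close":
            if funcs and funcs[-1][1] == depth:
                funcs.pop()
            depth -= 1
        elif kind == "glob" and funcs:
            funcs[-1][2].update(re.findall(r"\$(\w+)", m.group("gvars")))
        elif kind == "inc" and (used := re.findall(r"\$(\w+)", m.group("expr"))):
            name, _, globs = funcs[-1] if funcs else (None, 0, None)
            found.append({"line": src.count("\n", 0, m.start()) + 1, "function": name,
                          "global_vars": [v for v in used if globs is None or v in globs]})
    return found
```

An entry with `function` set is not reached by requesting the file alone; whether it matters depends on which callers exist and where the listed global is assigned before they run.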

