CVE-2005-2607 Information

Description

PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null (\00) characters.

Reference

http://rgod.altervista.org/simply.html http://secunia.com/advisories/16273 http://securitytracker.com/id?1014591 http://www.phpsimplicity.com/scripts.php?id=3 http://www.securityfocus.com/bid/14424