Research and Markets (http://www.researchandmarkets.com/research/c68e0e/php_and_mysql_cre) has announced the addition of the "PHP and MySQL: Create-Modify-Reuse" report to their offering.
- Step-by-step instructions walk readers through real-world applications
- Packed with ready-to-use projects for PHP and MySQL, this book guides readers through several real-world projects that are complete, tested, and ready to be implemented, so that readers can learn by doing
- Clearly explains to readers all aspects of design, such as portability, design flow, and integration, and shows them how to properly secure their applications for real-world implementation
- Authored by a PHP expert who is in tune with common tasks and the various problems faced by developers in everyday circumstances
- Application topics include user management, Web forums, and an image gallery
- Although PHP and MySQL can each be used independently, when they are used together, they open up dynamic options for Web site development
Key Topics Covered:
- User Registration.
- Community Forum.
- Mailing List.
- Search Engine.
- Personal Calendar.
- Ajax File Manager.
- Online Photo Album.
- Shopping Cart.
Monday, July 7, 2008
fuzzylime (cms) rss.php Local File Inclusion Vulnerability
Ams has discovered a vulnerability in fuzzylime, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Input passed to the "p" parameter in rss.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.
Successful exploitation requires that "magic_quotes_gpc" is disabled.
NOTE: The vulnerability can be exploited to execute arbitrary PHP code by including the code/content.php script.
The vulnerability is confirmed in version 3.01a. Other versions may also be affected.
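One way to perform the verification the advisory says is missing, as an added example (not fuzzylime's code and not part of the advisory). The `PAGE_DIR` directory, the `resolve_page()` helper and the `.php` suffix are assumptions made for illustration.

```php
<?php
// Added example with hypothetical names; this is not fuzzylime's code.

const PAGE_DIR = __DIR__ . '/pages';   // assumed: holds page files only

/**
 * Map a request-supplied page name to a file that is safe to include.
 * Returns the absolute path, or null when the name must be rejected.
 */
function resolve_page(string $name, string $baseDir = PAGE_DIR): ?string
{
    // 1. Strict syntax: letters, digits, underscore and hyphen only.
    //    Path separators, dots, NUL bytes and URL schemes all fail here,
    //    so the check does not depend on magic_quotes_gpc being enabled.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name)) {
        return null;
    }

    // 2. Canonicalise both paths; realpath() returns false if the file
    //    or the base directory does not exist.
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $name . '.php');
    if ($base === false || $path === false) {
        return null;
    }

    // 3. Containment: the resolved file must sit under the base directory.
    //    This also rejects symlinks that point somewhere else.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Usage in a feed script: only a string parameter is considered at all.
$raw  = $_GET['p'] ?? 'index';
$page = is_string($raw) ? resolve_page($raw) : null;
if ($page === null) {
    http_response_code(404);
    exit('Not found');
}
include $page;
```

Keeping scripts that evaluate or render arbitrary content outside the directory used as `PAGE_DIR` means that even a valid page name cannot reach them through this include.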