4WebHelp
 FAQ  •  Search  •  User Groups  •  Forum Admins  •  Smilies List  •  Statistics  •  Rules   •  Login   •  Register
Toggle Navigation Menu

 phpinfo() vulnerability
Post New TopicReply to Topic Forum Index » Server-Side Coding
View Previous Topic Print this topic View Next Topic
Author Message
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564
PostPosted: Wed Jun 11, 2003 8:08 pm (20 years, 10 months ago) Reply with QuoteBack to Top
Make sure you keep your phpinfo() scripts protected (as in preferably not available for the world to see). This is no bigee, but it's best to avoid it:

http://www.securityfocus.com/bid/7805/discussion/

Example:
Code:
phpinfo.php?code=<script>alert("This is an exploit");</script>

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
jayant
Team Member



Joined: 07 Jan 2002
Posts: 262
Location: New Delhi, India
PostPosted: Fri Jun 13, 2003 1:44 pm (20 years, 10 months ago) Reply with QuoteBack to Top
Thanks Daniel for informing us.

________________________________
Jayant Kumar
Member of the 4WebHelp Team
Nibble Guru - Computing Queries Demystified
GZip/ Page Compression Test
OfflineView User's ProfileFind all posts by jayantSend Personal MessageVisit Poster's WebsiteYahoo MessengerMSN Messenger
Display posts from previous:      
Post New TopicReply to Topic Forum Index » Server-Side Coding
View Previous Topic Print this topic View Next Topic


 Jump to:   




You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot edit your posts in this forum.
You cannot delete your posts in this forum.
You cannot vote in polls in this forum.


Page generation time: 0.118613 seconds :: 18 queries executed :: All Times are GMT
Powered by phpBB 2.0 © 2001, 2002 phpBB Group :: Based on an FI Theme