abcphp.com

Discover the best of PHP

Security »

11

Vote

File Path Injection in PHP

Since the thing went public before new PHP version has been released, I present full details of the latest PHP vulnerability I reported - together with some sweet demo exploit. The issue was found with fuzzing being part of my recent file upload research. And I still have some more to show in the future :)

Posted by girish.r 705 days ago (http://css.dzone.com)
Discuss | | Bury | Tweet This | Tagged: file path injection security Add To

Read the full article

Who Voted for this Story

Recently Published

8 votes | Final Part - Customizing AWS Elastic Beanstalk
6 votes | very simple code for hide and show in css3
4 votes | Websockets with php – tutorial on basics
12 votes | Herzult/SimplePHPEasyPlus · GitHub
13 votes | LiveRebel 2.6 Sneak Peek: Automated Deployments Go Polyglot

Most Comments

7 comments | OpenCart CSRF Vulnerability « Ben Maynard's blog
2 comments | XMLHttpRequest and AJAX for PHP programmers
2 comments | Run PHP on the Google App Engine
2 comments | Speeding up your PHP scripts
1 comments | 5 Tools Every PHP Developer Should Master | Postcards From My Life

Most Votes

24 votes | CONFIRMED: Facebook Gets Faster, Debuts Homegrown PHP Compiler
21 votes | How To: Installing LAMP On Ubuntu For Newbies
21 votes | MINIMIZE HTTP REQUESTS – BEST PRACTICE
20 votes | php|tek 2009
20 votes | PHP 5.2.9 Released!