Le jeudi 27 octobre 2005 à 08:54 -0500, Tatercrispies a écrit : > And I really don't see how this could ever be used to execute > server-side script unless for some bizarre reason you had your > webserver so completely misconfigured as to be beyond imagination. Why > would you be parsing image files through the PHP interpreter.
Please look at http://shsc.info/FileUploadSecurity#titelanker5 ... And yes, it happens in real life scenarios ! Nicob _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
