Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data

Slythers Bro Tue, 28 Mar 2006 21:22:43 -0800

<?php
   $host = "127.0.0.1";
   $user = "sqluser";
   $pass = "sqlpass";

.....

   $foobar=html_entity_decode($_GET['foo']);
   echo $foobar;

?>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data

Reply via email to