-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/23/2010 04:40 PM, Cybsec - Security Systems wrote: > > Direct execution of arbitrary PHP code in the Web Server. >
I assume this is a Java-based application, why do you state that as a result PHP code can be executed? I don't get it... Kind regards, Moritz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwjt6UACgkQl56sB+DIUZQOWwCfbKNWvYQ5QgmgUqmdKnW1OlKr pWIAnj2NvBHleRYEXXW7338qvSBYJTgQ =ZBpL -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
