I have apache and php running on linux machine. On the main page I have two text box for username and password. If unsuccessful login it will display bellows url on the address bar.
https://192.168.1.90/index.php?errorMSG=<font%20color=red>Invalid%20Login%20 or%20Password</font><br> My question is, will it be possible for someone to execute any codes via the exposed variable errorMSG variable, like https://192.168.1.90/index.php?errorMSG=phpinfo() Please help. Regards, Ganesan ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
