Edit report at https://bugs.php.net/bug.php?id=67016&edit=1
ID: 67016 Updated by: [email protected] Reported by: k4byl3 at gmail dot com Summary: dzkabyle -Status: Open +Status: Not a bug Type: Bug -Package: *General Issues +Package: Website problem Operating System: windows PHP Version: 5.6.0alpha3 Block user comment: N Private report: N New Comment: You can also access all of the source code here: https://github.com/php/web-php This is expected behaviour. Previous Comments: ------------------------------------------------------------------------ [2014-04-03 23:44:12] k4byl3 at gmail dot com Description: ------------ hello php.net team i am dzkabyle an i m bug funder Email : [email protected] Test script: --------------- hello php.net team i am dzkabyle an i m bug funder recently a have fond vulnerability on your web site and i decide to report them more information here file : cached.php php.net/cached.php bug is remote file disclosure by manipuling the URL You can disclose all file in server just like that http://www.php.net/cached.php?t=1396464012&f=/cached.php now you can show source code of cached.php file Email : [email protected] ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=67016&edit=1 -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
