Today I seen a hack into php that has rocked me to my foundation.
I seen a picture uploaded onto a server using php and when php displayed the
image, phpinfo() was executed and displayed.
Does this problem exist in PHP 5.2.17 +?
How do you stop it?
Sorry, I have never known of this before today.
Bastien Koert
On 2012-09-23, at 11:57 AM, admin ad...@buskirkgraphics.com wrote:
Today I seen a hack into php that has rocked me to my foundation.
I seen a picture uploaded onto a server using php and when php displayed the
image, phpinfo() was executed and displayed.
Does this problem
On Sun, Sep 23, 2012 at 9:57 PM, admin ad...@buskirkgraphics.com wrote:
Today I seen a hack into php that has rocked me to my foundation.
I seen a picture uploaded onto a server using php and when php displayed
the
image, phpinfo() was executed and displayed.
Does this problem exist in PHP
Jpgs can hold other data rather than image data
One thing to try is to run strip_tags($image) to remove any php code
http://stackoverflow.com/questions/3499173/my-php-site-was-hacked-by-codes-u
ploaded-as-image
http://josephkeeler.com/2009/04/php-upload-security-the-1x1-jpeg-hack/
Bastien
On 23-09-2012 21:30, admin wrote:
Jpgs can hold other data rather than image data
One thing to try is to run strip_tags($image) to remove any php code
http://stackoverflow.com/questions/3499173/my-php-site-was-hacked-by-codes-u
ploaded-as-image
5 matches
Mail list logo