Hello, I am trying to research an issue about PHP_SELF and was wondering
if anyone knew the currently status of this exploit. I read a
description of the exploit that was a couple of years old but can not
find any "current" status of the bug, even on the php.net bug tracking.
The report I read concluded with a note at the bottom of the text that
said something like the good news is that the fix is in CVS but he never
said what the resolution was. I have checked many security sources and
have not been able to find any more information about it.
The author of the document that explained the exploit had a "working"
example of how the exploit worked but when I tried to reproduce it,
nothing! I had to assume that bug has been fixed and write that in my
own article about the exploit but I stuck to find any current status on
it. Any one know about this bug?
thanks in advance, mikesz
The post I found was a blog entry from May 2005 ...
http://blog.phpdoc.info/archives/13-XSS-Woes.html
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
