PHP 4/5 addslashes() NULL Byte Bypass Vulnerabilit
source: http://www.securityfocus.com/bid/11981/info
PHP4 and PHP5 are reported prone to multiple remotely exploitable vulnerabilities. These issue result from insufficient sanitization of user-supplied data. A remote attacker may carry out directory traversal attacks to disclose arbitrary files and upload files to arbitrary locations.
It is reported that these vulnerabilities may only be exploited on Windows.
http://www.example.com/phpscript.php?whatever=../../../../boot.ini%00
http://www.example.com/phpscript.php?whatever=..\'file.ext
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo