Lucene search

K

PHP 4/5 addslashes() NULL Byte Bypass

๐Ÿ—“๏ธย 01 Jul 2014ย 00:00:00Reported byย RootTypeย 
seebug
ย seebug
๐Ÿ”—ย www.seebug.org๐Ÿ‘ย 19ย Views

PHP 4/5 addslashes() NULL Byte Bypass Vulnerabilit

Show more
Code

                                                source: http://www.securityfocus.com/bid/11981/info

PHP4 and PHP5 are reported prone to multiple remotely exploitable vulnerabilities. These issue result from insufficient sanitization of user-supplied data. A remote attacker may carry out directory traversal attacks to disclose arbitrary files and upload files to arbitrary locations.

It is reported that these vulnerabilities may only be exploited on Windows.


http://www.example.com/phpscript.php?whatever=../../../../boot.ini%00
http://www.example.com/phpscript.php?whatever=..\'file.ext 
                              

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo