|
Posted by SA SA on 01/15/07 17:51
Hello,
I do not know anything about PHP but thrown into this mix. I was told
by my ISP that there is vulnerability in following code to allow
spammer load an offsite php script for mailing. The defective code is:
if (isset($HTTP_GET_VARS['sport']))
{
$sport = $HTTP_GET_VARS['sport'];
require ($sport.".php");
}
how od i fix it?
If i am in wrong group please forgive me.
thanks
sa
Navigation:
[Reply to this message]
|