Posted by gosha bine on 06/22/07 12:41
On 22.06.2007 12:57 Schraalhans Keukenmeester wrote:
> It's been mentioned here a couple of times in different threads regarding
> image uploading. It's not new, but I found a clear explanation of what it
> is and how to deal with it. Hope it helps some of you.
>
> http://www.phpclasses.org/blog/post/67-PHP-security-exploit-with-GIF-images.html
>
> Best!
> Sh.
How is this exploit related specifically to GIF files? You can insert
PHP code in any file, and every upload script that doesn't check file
extensions is vulnerable.
--
gosha bine
extended php parser ~ http://code.google.com/p/pihipi
blok ~ http://www.tagarga.com/blok
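
An added example, not code from this thread or from the linked article: an upload check in which a file with a valid GIF signature followed by a PHP tag passes the content test, so acceptance is decided by an extension allowlist and the file is stored under a server-generated name. The function name, the signature table and the sample bytes are constructed for illustration.

```php
<?php
// Added example; names and sample data are constructed, not taken from the thread.

// Allowed final extensions and the leading bytes each must start with.
const SIGNATURES = [
    'gif'  => ["GIF87a", "GIF89a"],
    'png'  => ["\x89PNG\r\n\x1a\n"],
    'jpg'  => ["\xFF\xD8\xFF"],
    'jpeg' => ["\xFF\xD8\xFF"],
];

/**
 * Return the name to store an upload under, or null to reject it.
 * $clientName is the client-supplied filename, $bytes the uploaded body.
 */
function storedNameFor(string $clientName, string $bytes): ?string
{
    // 1. Allowlist on the final extension; anything not listed is rejected,
    //    which covers .php, .PHP, .phtml and names like "x.gif.php".
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!isset(SIGNATURES[$ext])) {
        return null;
    }
    // 2. The leading bytes must match the claimed type. This only catches
    //    mislabelled files: trailing data after a valid header still passes.
    $matches = false;
    foreach (SIGNATURES[$ext] as $magic) {
        if (strncmp($bytes, $magic, strlen($magic)) === 0) {
            $matches = true;
        }
    }
    if (!$matches) {
        return null;
    }
    // 3. Discard the client name entirely, so inner extensions such as
    //    "x.php.gif" never reach the filesystem.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample: minimal GIF header followed by an inert PHP tag.
$sample = "GIF89a\x01\x00\x01\x00\x80\x00\x00" . "<?php /* constructed marker */ ?>";

foreach (['avatar.gif', 'avatar.php', 'avatar.gif.php', 'avatar.php.gif'] as $name) {
    $stored = storedNameFor($name, $sample);
    printf("%-16s => %s\n", $name, $stored ?? 'rejected');
}
```

The same bytes are accepted or rejected purely on the extension, which is the decision that determines whether the web server would hand the stored file to the PHP interpreter.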