Main menu:

Site search



Archive for May, 2006

ROOT_PATH vulnerabilities.

In PHP there is a vulnerability involving the ROOT_PATH include. It bascially allows via poor coding and a well constructed querystring to pass a file to PHP from a remote server and execute the code. As an example the included file could be used to send spam or phishing email be routing it internally through [...]