[nycphp-talk] Holiday Greetings to Everyone...
mikesz at qualityadvantages.com
mikesz at qualityadvantages.com
Tue Dec 26 09:35:37 EST 2006
Hello, I am trying to research an issue about PHP_SELF and was wondering
if anyone knew the currently status of this exploit. I read a
description of the exploit that was a couple of years old but can not
find any "current" status of the bug, even on the php.net bug tracking.
The report I read concluded with a note at the bottom of the text that
said something like the good news is that the fix is in CVS but he never
said what the resolution was. I have checked many security sources and
have not been able to find any more information about it.
The author of the document that explained the exploit had a "working"
example of how the exploit worked but when I tried to reproduce it,
nothing! I had to assume that bug has been fixed and write that in my
own article about the exploit but I stuck to find any current status on
it. Any one know about this bug?
thanks in advance, mikesz
The post I found was a blog entry from May 2005 ...
http://blog.phpdoc.info/archives/13-XSS-Woes.html
More information about the talk
mailing list