|
|
|
#1
01-08-2008, 18:24
|
||
|
PHP embedded in GIF files
There is a security flaw in GIF files that allows a PHP program to be inserted into the GIF file. The way this works is the file has the proper GIF89 headers to make it a valid file (thus not caught by a PHP upload script), but yet the PHP code is embedded. A hacker can use it to find out passwords, etc, since the .php code would run as the webhost.
I never knew this was possible until I read about it when someone tried it on our server. This site has what you can do about it... http://www.phpclasses.org/blog/post...GIF-images.html |
|
|
|
|
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| What is PHP, Here i will tell you what is PHP | booster20002005 | Programming | 1 | 08-20-2007 03:04 |
| 80 cheap Script for sale | teampower | Content | 0 | 06-29-2007 01:08 |
| Free Host-Domain-Pop3Mails | ceberus | Free Web Hosting Discussions And Reviews | 1 | 06-15-2007 06:10 |
| PHP Designer 2005 | Positive | Other Free Resources | 1 | 08-30-2005 00:13 |
| How To : Improve Your PHP Programming | admans | Website Design Forum | 0 | 07-17-2005 06:58 |
Threaded Mode