Edit-X ECOMMERCE “include_dir” Parameter Remote PHP File Inclusion … - FrSIRT

FrSIRT, France - Jan 12, 2007
This issue is due to an input validation error in the “edit_address.php” script that does not validate the “include_dir” parameter, which could be exploited …
Related: OpenSolution Quick.Cart “p” Parameter Handling Cross Site … - FrSIRT

PHP Application Insecurity - PHP or Devs Fault? (Slashdot)

somersault asks: “There have recently been a lot of people making jokes at the expense of PHP, but how many common security flaws in PHP are the fault of the language, and how many the fault of the developer? A recent Security Focus article (via the Register) has a brief discussion which suggests that PHP is no less secure than any other scripting language, and that it is the users of the …

SuSE Security Update Fixes Cacti “cmd.php” Remote Code Injection … - FrSIRT

FrSIRT, France - 1 hour ago
SuSE has released security updates to address a vulnerability identified in Cacti. This flaw could be exploited by attackers to execute arbitrary commands. …