PHP :: Bug #15887 :: vulnerability? security hole?

Bug #15887	vulnerability? security hole?
Submitted:	2002-03-05 15:41 UTC	Modified:	2002-03-12 06:51 UTC
From:	astrosmurfie at yahoo dot co dot uk	Assigned:
Status:	Closed	Package:	Apache related
PHP Version:	4.1.2	OS:	windows 2000
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	astrosmurfie at yahoo dot co dot uk
New email:
PHP Version:		OS:

New Comment:

[2002-03-05 15:41 UTC] astrosmurfie at yahoo dot co dot uk

hi!
I just happened to see on a web page and tried that when one writes 'http://myaddress/php/php.exe?anyfile', he can see what's in this file. And this way, one can also upload some files and hack the system. 
What do you think? Is this 'php.exe' a security hole, and what's the use of it if I dont use it at all? I searched your web site, but couldn't find an answer for that. Could you please give me a sufficient explanation about the capabilities of this 'php.exe' file?
Thanks in advance!
smurfie

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-03-05 15:48 UTC] imajes@php.net

This has been fixed and will be released shortly with the new version of php under windows.

[2002-03-12 06:51 UTC] imajes@php.net

released.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Dec 27 15:01:29 2024 UTC