PHP :: Bug #67016 :: dzkabyle

Bug #67016	dzkabyle
Submitted:	2014-04-03 23:44 UTC	Modified:	2014-04-03 23:48 UTC
From:	k4byl3 at gmail dot com	Assigned:
Status:	Not a bug	Package:	Website problem
PHP Version:	5.6.0alpha3	OS:	windows
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	k4byl3 at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2014-04-03 23:44 UTC] k4byl3 at gmail dot com

Description:
------------
hello php.net team 

i am dzkabyle an i m bug funder 

Email : k4byl3@gmail.com

Test script:
---------------
hello php.net team 

i am dzkabyle an i m bug funder 
recently a have fond vulnerability on your web site and i decide to report them more information here
file : cached.php 
php.net/cached.php
bug is remote file disclosure by manipuling the URL You can disclose all file in  server just like that

http://www.php.net/cached.php?t=1396464012&f=/cached.php

now you can show source code of cached.php file 

Email : k4byl3@gmail.com

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-04-03 23:48 UTC] aharvey@php.net

-Status: Open +Status: Not a bug -Package: *General Issues +Package: Website problem

[2014-04-03 23:48 UTC] aharvey@php.net

You can also access all of the source code here: https://github.com/php/web-php

This is expected behaviour.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Jul 02 13:01:34 2025 UTC