ID: 15887 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Open +Status: Closed Bug Type: Apache related Operating System: windows 2000 PHP Version: 4.1.2 New Comment:
This has been fixed and will be released shortly with the new version of php under windows. Previous Comments: ------------------------------------------------------------------------ [2002-03-05 15:41:02] [EMAIL PROTECTED] hi! I just happened to see on a web page and tried that when one writes 'http://myaddress/php/php.exe?anyfile', he can see what's in this file. And this way, one can also upload some files and hack the system. What do you think? Is this 'php.exe' a security hole, and what's the use of it if I dont use it at all? I searched your web site, but couldn't find an answer for that. Could you please give me a sufficient explanation about the capabilities of this 'php.exe' file? Thanks in advance! smurfie ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=15887&edit=1
