Fix possible arbitrary code execution on misconfigured deployments - snuffleupagus - Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!

diff options

author	jvoisin	2025-12-31 00:45:46 +0100
committer	jvoisin	2026-01-05 21:43:10 +0100
commit	9278dc77bab2a219e770a1b31dd6797bc9070e37 (patch)
tree	f0f97d6d5bd8878997eafbe2a1493c3be5cc9e9d /src/tests/disable_function/disabled_function_print.phpt
parent	e586b7df4e575d7d5e017b4134bdac9b297b667b (diff)

Fix possible arbitrary code execution on misconfigured deployments

When `upload_validation` is enabled, and when VLD isn't installed, an attacker sending a multipart POST is able to get arbitrary PHP content executed. Reported-By: thomas-chauchefoin-tob

Diffstat (limited to 'src/tests/disable_function/disabled_function_print.phpt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: