Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-127: GradMan 'info.php' Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-127: GradMan 'info.php' Vulnerability
# 1  
Old 01-22-2008
S-127: GradMan 'info.php' Vulnerability
GradMan is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. The risk is MEDIUM. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. IP Networking

127.0.0.1 vs 0.0.0.0

Which one should I use in '/etc/hosts'? Please explain in details. Random quotes on the topic: (2 Replies)
Discussion started by: useretail
2 Replies

2. UNIX for Advanced & Expert Users

wait - return code 127

Hi All, I am trying to create background processes and then check their status later. But I am getting return codes as 0,127 randomly On checking the return codes for wait, I found the below. Do I need to treat return code of 127 as successful as well?? as we know the process id passed is... (7 Replies)
Discussion started by: tostay2003
7 Replies

3. Solaris

multitude of packets from 127.0.0.1

I was checking routing table, and noticed that our server has a lot packets from localhost: Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------- .. 127.0.0.1 127.0.0.1 ... (1 Reply)
Discussion started by: orange47
1 Replies

4. Solaris

Can't setup gateway other than 127.0.0.1?

I have just installed Solaris 10 X86 today, but I can't use internet at all on it. When I was installing it, it only asked me to create a hostname, without even asking me this computer is "networked" or "non-networked". After I finished installation, I use "netstat -rn" command, and only see... (3 Replies)
Discussion started by: Diamondust
3 Replies

5. Shell Programming and Scripting

rc=127 can't fork

I have a script to download a file using wget. It works if I execute it from the command line. But, if I run it in cron, it doesnt work and I am getting the following in the cron log: > CMD: /export/home/username/test > username 23159 c Tue Aug 1 14:40:00 2006 < username 23159 c Tue Aug ... (1 Reply)
Discussion started by: BG_JrAdmin
1 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

php-config

php-config(1)                                                   Scripting Language                                                   php-config(1)

NAME

       php-config - get information about PHP configuration and compile options

SYNOPSIS

       php-config [options]

DESCRIPTION

       php-config is a simple shell script for obtaining information about installed PHP configuration.

OPTIONS

       --prefix       Directory prefix where PHP is installed, e.g. /usr/local
       --includes     List of -I options with all include files
       --ldflags      LD Flags which PHP was compiled with
       --libs         Extra libraries which PHP was compiled with
       --man-dir      The directory prefix where the manpages is installed
       --extension-dir
                      Directory where extensions are searched by default
       --include-dir  Directory prefix where header files are installed by default
       --php-binary   Full path to php CLI or CGI binary
       --php-sapis    Show all SAPI modules installed on the Debian system
       --configure-options
                      Configure options to recreate configuration of current PHP installation
       --version      PHP version
       --vernum       PHP version as integer

SEE ALSO

       php(1)

VERSION INFORMATION

       This manpage describes php, version 7.0.33-6+ubuntu18.04.1+deb.sury.org+3.

COPYRIGHT

       Copyright (C) 1997-2017 The PHP Group

       This  source  file  is  subject to version 3.01 of the PHP license, that is bundled with this package in the file LICENSE, and is available
       through the world-wide-web at the following url:
       http://www.php.net/license/3_01.txt

       If you did not receive a copy of the PHP license and  are  unable  to  obtain  it  through  the  world-wide-web,  please  send  a  note  to
       license@php.net so we can mail you a copy immediately.

The PHP Group                                                          2017                                                          php-config(1)