UnitedForums.co.uk - View Single Post

donelson · 8th June 2008, 04:51 PM

If I have a page which contains a PHP include (file) statement, that runs entirely on the server, and does not even appear in the client's browser source, right?

Is this then, somehow, vulnerable?

What is an example of a PHP vulnerability, if the client-side web page does not access PHP on the server?

Is "enabling" PHP on the server enough to make your site vulernable? How?

8th June 2008, 04:51 PM	#7 (permalink)
donelson Registered User Join Date: Mar 2005 Posts: 153	If I have a page which contains a PHP include (file) statement, that runs entirely on the server, and does not even appear in the client's browser source, right? Is this then, somehow, vulnerable? What is an example of a PHP vulnerability, if the client-side web page does not access PHP on the server? Is "enabling" PHP on the server enough to make your site vulernable? How?