UnitedForums.co.uk - View Single Post

pursuit · 8th June 2008, 05:23 PM

in order to exploit an php vul., you would normally need to use a specially crafted url which would result in some scripts (mysql query for example) being executed on the server that hosts the website that uses php as its scripting language. real world examples include stealing customer data. if your site does not use mysql then there no worry about this type of hack. another could be writing or attaching some scripts at the end of a php file on the server but o dont think this is likely to happen on UH servers due to strict write permissions.

php only runs on the server using the php engine on the server, which generates the html code and send it to the client's browser so that it can display it. No browser understands php.

8th June 2008, 05:23 PM	#8 (permalink)
pursuit Registered User Join Date: Feb 2006 Location: London, UK Posts: 282	in order to exploit an php vul., you would normally need to use a specially crafted url which would result in some scripts (mysql query for example) being executed on the server that hosts the website that uses php as its scripting language. real world examples include stealing customer data. if your site does not use mysql then there no worry about this type of hack. another could be writing or attaching some scripts at the end of a php file on the server but o dont think this is likely to happen on UH servers due to strict write permissions. php only runs on the server using the php engine on the server, which generates the html code and send it to the client's browser so that it can display it. No browser understands php.