:: Deepquest :: This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

PHP PHP_INI_SYSTEM Ineffective Controls

deepcoreMay 22, 2019

Security controls configured via php.ini directives at the PHP_INI_SYSTEM level are ineffective as they could be bypassed by malicious scripts via writing their own process memory on the Linux platform. Proof of concept code included.

You must be logged in to post a comment.

Related Posts

Chitor CMS 1.1.2 SQL Injection

Multi-Vendor Online Groceries Management System 1.0 Remote Code Execution

Telit Cinterion IoT Traversal / Escalation / Bypass / Heap Overflow

Leave a Reply