Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP Security Blog:
A Trio of Javascript Issues
Dec 01, 2006 @ 13:22:28

On the PHP Security Blog, there's three new posts that Stefan Esser has written up that demonstrate some of the more destructive uses of Javascript that he's found:

While the first two are interesting, it's the last of these that most directly applies to PHP. He gives a simple "proof of concept" that checks to see if the embedded image is the correct "size" to be related to a webserver running PHP with the expose_php setting set to "on".

tagged: javascript security issue portscan http auth firefox exposephp scan javascript security issue portscan http auth firefox exposephp scan

Link: