We've recently been optimizing our Local File Inclusion (LFI) audit engine. Part of that effort has included poking around in different frameworks (php, .NET, java, ruby/rails, python, perl... etc) and seeing how many ways a developer might fall prey to this vulnerability. One of the common ways...
While my rookie Mark McGwire cards aren't appreciating at all, my header collection is. Check these actual headers out: php warning: Unknown(): Unable to load dynamic library '/usr/local/lib/php/extensions/no-debug-non-zts-20020429/mysql.so' - Cannot open "/usr/local/lib/php/extensions...
ComputerWorld is running an article from Paul Ferguson of TrendMicro claiming that there is a massive hack going on as you read this - via the phpBB bulletin-board software. Truth be told, phpBB has been known to be bug-ridden over the years (simply Google "phpBB vulnerability" and you'll...