Jojo Siao


enjoying life

PHP GIF Image Security Issue

I just want to share the PHP GIF image security issue with other PHP guys out there.

Let's say an attacker registers on your site and is asked for an avatar photo. The attacker uploads a PHP file named avatar.gif.php.

After the image is uploaded to the directory where the site keeps all its images, the attacker will attempt to make an HTTP request for the GIF image that contains PHP code, such as http://site.com/images/avatar.gif.php.
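One way to reject an upload like avatar.gif.php, as an added example that is not part of the original post: the final extension and the file content are both checked, and the file is stored under a server-generated name. The function names `avatar_extension` and `store_avatar` are hypothetical, and the sample files are constructed.

```php
<?php
// Added example, not from the original post; function names are hypothetical.
const ALLOWED_TYPES = [IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png'];

// Returns the extension to store the upload under, or null to reject it.
function avatar_extension(string $clientName, string $tmpPath): ?string
{
    // Judge the name by its final extension: "avatar.gif.php" ends in
    // "php", whatever appears before it.
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!in_array($ext, ['gif', 'jpg', 'jpeg', 'png'], true)) {
        return null;
    }
    // The content must parse as one of the allowed image types.
    $info = @getimagesize($tmpPath);
    if ($info === false || !array_key_exists($info[2], ALLOWED_TYPES)) {
        return null;
    }
    // The stored extension comes from the detected type, never from the client.
    return ALLOWED_TYPES[$info[2]];
}

// Moves one entry of $_FILES into $destDir under a server-generated name.
function store_avatar(array $file, string $destDir): ?string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    $ext = avatar_extension($file['name'], $file['tmp_name']);
    if ($ext === null) {
        return null;
    }
    // A random name means no client-chosen suffix ever reaches the disk.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    return move_uploaded_file($file['tmp_name'], "$destDir/$name") ? $name : null;
}

// Constructed sample input: an 11-byte GIF header and a non-image file.
$gif = tempnam(sys_get_temp_dir(), 'av');
file_put_contents($gif, "GIF89a\x01\x00\x01\x00\x00");
$txt = tempnam(sys_get_temp_dir(), 'av');
file_put_contents($txt, 'constructed non-image content');

var_dump(avatar_extension('avatar.gif.php', $gif)); // double extension
var_dump(avatar_extension('avatar.gif', $txt));     // image name, non-image content
var_dump(avatar_extension('avatar.gif', $gif));     // GIF name and GIF content
unlink($gif);
unlink($txt);
```

The content check alone is not sufficient, since a file can begin with a valid GIF header and still carry other data after it; the allow-listed, server-chosen extension is what keeps the stored file from ending in .php.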
