by chug 2977 days ago
The title on this seems pretty misleading.

This is really a guide on how to use escapeshellarg when you should use escapeshellcmd (or the opposite). Of course, the API of system() is pretty awful, so there is an issue here in the form of "wow, PHP makes this really easy to mess up," but there's no actual exploit in either function mentioned. Just exploits in code people write using them. I guess the LANG one is arguably an actual exploit though, though that gets into arguing semantics.

Edit: there's also an example that is missing quotes around an argument. Again, something very easy to mess up, but that's what you get when you have a function that is basically like typing a line into the shell.

1 comments

Actually, the mentioned GitList exploit hinges on yet another vulnerability: a lack of distinction between command-line flags and arguments. Where the user was expected to put a "normal" name (say a-zA-Z0-9), the attacker actually supplied --flag=exploit.
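
The flag/argument confusion described in the reply above, as an added example that is not part of the thread or of any project it mentions: shell quoting is applied in both functions, but only the second keeps a value beginning with "-" from being parsed as an option. The function names, the `grep` invocation and the `/srv/repo` path are assumptions chosen for illustration.

```php
<?php
// Added example; function names, the grep command and the path are
// hypothetical. Sample inputs are constructed.

// Shell quoting only: metacharacters are neutralised, but after the shell
// strips the quotes the program still receives an argv entry starting
// with "-" and parses it as an option rather than as data.
function quoted_only(string $term, string $dir): string
{
    return 'grep -rn ' . escapeshellarg($term) . ' ' . escapeshellarg($dir);
}

// Shell quoting plus flag/argument separation.
function quoted_and_separated(string $term, string $dir): string
{
    // Allowlist the "normal" name the application expects (a-zA-Z0-9),
    // which also rules out a leading "-".
    if (!preg_match('/\A[a-zA-Z0-9]+\z/', $term)) {
        throw new InvalidArgumentException('term must match [a-zA-Z0-9]+');
    }
    // "--" marks the end of options for getopt-style programs, so every
    // later argument is positional even if the allowlist is relaxed later.
    return 'grep -rn -- ' . escapeshellarg($term) . ' ' . escapeshellarg($dir);
}

// Constructed inputs: an ordinary name, and the value quoted in the reply.
$samples = ['readme', '--flag=exploit'];

foreach ($samples as $s) {
    echo 'quoted only:      ', quoted_only($s, '/srv/repo'), PHP_EOL;
    try {
        echo 'quoted + checked: ', quoted_and_separated($s, '/srv/repo'), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected:         ', $e->getMessage(), PHP_EOL;
    }
}
```

The `--` separator only helps with programs that follow the getopt convention, so the allowlist check remains the primary control.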