|
|
|
|
|
|
by leigh_t
4371 days ago
|
|
|
> due to a vulnerability in the extract() command No. This is due to insane usage of the extract() function. Not a vulnerability with the function itself. You can pass user-supplied input directly to plenty of other functions which have equally idiotic outcomes, it doesn't mean that they have vulnerabilities, it means the author is a liability. |
|
|