I found that the null byte problem was occuring on my server with the current parse_form sub and CGI module. With this null byte, the hacker can read very thing on the server if we use any command open and exec in the script such as in DBman and Links2.0 admin. Is there any ways to fix this?
This line can help?
$value =~ s/%00//g;
Thanks,
Cheers,
Dat
Programming and creating plugins and templates
Blog
This line can help?
$value =~ s/%00//g;
Thanks,
Cheers,
Dat
Programming and creating plugins and templates
Blog