mailing list archives
PHP Security Risk?
From: "Stephane Auger" <stephaneauger () pre2post com>
Date: Wed, 1 Dec 2004 18:53:15 -0500
I don't know if this is the right mailing list to ask this, if not
don't hesitate to warn me. I'm using a Windows Server 2003 with IIS6
and PHP5. Fully patched, by the way. Someone asked me to enable the
file-upload function in PHP so people could upload files to his web
site, which is one of many I host. Does anyone know if file uploading
in PHP could cause a security risk on the server? I know there used to
be many flaws in the old versions, but I don't know about now... I
haven't seen anything recent about this. Thanks for your help!