Hi!

> 1. Find FLI vulnerable application.
> 2. Find a way to inject $_SESSION
> 3. Use session file to execute arbitrary PHP code.

So, you assume you have a broken application with no security AND it allows you to inject arbitrary data in the session (which probably means broken authorization too) and then somehow it's a PHP vulnerability? I'm sorry, but this does not make too much sense to me. If you have an application that allows executing arbitrary code on external request, this app has no security. How is it a vulnerability in PHP?

--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php