On 09/06/2011 05:47 PM, ALEJANDRO ZAPIOLA wrote:
> Seeing the $_REQUEST[] and it is a matrix that has the content of $_GET,
> $_POST and $_COOKIE, I think this can be used maliciously into the script.
> i.e.:
> request1.php
> setCookie("name","alejandro");
> echo "location.href='re
Seeing the $_REQUEST[] and it is a matrix that has the content of $_GET,
$_POST and $_COOKIE, I think this can be used maliciously into the script.
i.e.:
request1.php
location.href='request2.php'";
?>
In this case, I'm setting the variable 'name' with value 'Alejandro', then
redirects to request2.
2 matches
Mail list logo