• « General considerations
  • Possible attacks »
  • PHP Manual
  • Security
  • Installed as CGI binary

Installed as CGI binary

Table of Contents

  • Possible attacks
  • Case 1: only public files served
  • Case 2: using cgi.force_redirect
  • Case 3: setting doc_root or user_dir
  • Case 4: PHP parser outside of web tree