hi i found it very helpful to know about hacks such as the below list
and was wondering if anyone had any more dumb mistakes they could tell
us before we make them.
1. http://www.somesite.com/source.php3?url=/etc/passwd
2. http://www.somesite.com?page=../../../../etc/passwd
3. not setting .inc files to be parsed by php
4. setting directory ownership to nobody
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
