> I understand that, the problem I have is that there isn't any way for > unauthenticated users to upload files to this server. This makes me > worried that we didn't patch the actual vulnerability and instead just > patched one path to the vulnerability.
How is $thisfile created? I don't see the problem in the code either. Perhaps ask on stackoverflow? _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
