Closed ErikNijlandSanoma closed 12 years ago
Have you got a working example? I can't replicate this.
Commenting to subscribe.
@wildlyinaccurate I haven't since I just made a quickfix. But it might be dependent on PHP's magic quotes setting.
Erik, feel free to message me privately with the full details if you wish, including environment information.
Can't replicate it with the latest CodeIgniter version. The issue appeared using version 1.7.2.
Ok, thanks for reporting just the same!
When setting $config['enable_query_strings'] to true, CodeIgniter becomes vulnerable to local file inclusion.
E.g. http://www.example.com/index.php?c=../../../some/folders/.htpasswd%00
Where %00 represents a null-byte character. See http://ddxhunter.wordpress.com/2010/03/10/lfis-exploitation-techniques/ for a more detailed explanation of local file inclusion.
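For the defensive side of the report above, an added example (not part of the original issue and not CodeIgniter's own code) of validating a query-string controller name before it is turned into a file path. The function `resolve_controller()`, the demo directory and the sample inputs are hypothetical and constructed for illustration.

```php
<?php
// Added example, not CodeIgniter code. resolve_controller() and the
// directory layout below are hypothetical.

/**
 * Map a query-string controller name to a file inside $controllerDir,
 * or return null if the name is not safe to include.
 */
function resolve_controller($name, $controllerDir)
{
    // Reject non-strings (e.g. ?c[]=x) and anything outside a strict allowlist.
    // The allowlist excludes '.', '/', '\' and NUL, so "../" traversal and
    // "%00" truncation never reach the filesystem layer.
    if (!is_string($name) || !preg_match('/\A[A-Za-z][A-Za-z0-9_]{0,63}\z/', $name)) {
        return null;
    }

    $base = realpath($controllerDir);
    if ($base === false) {
        return null;
    }

    // Defence in depth: the canonical path must still sit under the base dir.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name . '.php');
    if ($path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed sample input: a throwaway controller directory with one file.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lfi_demo_controllers';
@mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'welcome.php', "<?php\n");

$samples = array(
    'welcome',                              // legitimate controller name
    "../../../some/folders/.htpasswd\0",    // decoded form of the URL in the report
    '../welcome',
    'welcome.php',
);
foreach ($samples as $c) {
    $result = resolve_controller($c, $dir);
    printf("%-40s => %s\n", addcslashes($c, "\0"), $result === null ? 'rejected' : $result);
}
```

Only the first sample resolves to a path; the other three are rejected by the allowlist before any filesystem call is made.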