Free Links no wait nasty Evil Bug

So depending on your point of view a great way to get back links or an Evil XSS attack focused around phpinfo()
http://www.davidnaylor.co.uk/archives/2007/04/27/would-anyone-like-some-free-backlinks/

A programmer at David Naylor Blog has full details, don't you just love it when not only you find a bug but its one spammers can use!

Thats a nasty bug, which I'm sure will be used by a lot of people.

great, and it works also with version 4.3.11

[Join us @ facebook]

Hmmm. Today I made a script that takes full advantage of this

My only prob is how to get those links indexed.

BTW do you think it would be wise to sell that script or I should just keep it for me and my friends?

I wouldn't sell it might damage your reputation how about making a bit of a tutorial out of it, and include the how to secure such problems

Hmm, I wish I understood what was happening here.

Forgive the stupid question - but is this based on the version of php my host is using?

If you make a tutorial on how to protect against this, please let me know - then maybe I could hope to understand what this is all about.

Hmm, I wish I understood what was happening here.

Forgive the stupid question - but is this based on the version of php my host is using?

If you make a tutorial on how to protect against this, please let me know - then maybe I could hope to understand what this is all about.

how to protect? don't publish a phpinfo file

[Join us @ facebook]

Tim, you are right it would be wrong to publish that.

YMC, having a phpinfo() page on your server may be a real problem. This specific "bug" is not really a problem for the host owner.

But phpinfo can - some times - provide critical information to a hacker

[Guest]

[62.849]

Maximlis, Googlebot, Yahoo crawler