BugTraq
Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data Apr 06 2006 12:58AM
Moriyoshi Koizumi (moriyoshi at wakwak com)
Peter Conrad wrote:

>Hi,
>
>On Mon, Apr 03, 2006 at 11:06:01PM +0900, Moriyoshi Koizumi wrote:
>
>
>>While this is not part of the HTML / HTTP standards, major
>>browsers
>>around try to send such characters in the user input as HTML entities
>>that cannot
>>all be represented in the encoding of the originating HTML page
>>
>>
>
>out of curiosity: can you give an example for that behaviour? I've
>never seen it.
>
>
http://www.voltex.jp/~moriyoshi/test/demo.php

Moriyoshi

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus