mirror of
https://github.com/php/web-php.git
synced 2026-03-23 23:02:13 +01:00
*sigh*
This commit is contained in:
Rasmus Lerdorf
11
cached.php
11
cached.php
@@ -1,4 +1,15 @@
|
||||
<?php
|
||||
/*
|
||||
Yes, we know this can be used to view the source for any file
|
||||
in the docroot directory. This is intentional and not an LFI
|
||||
vulnerability. The source code for everything in the docroot
|
||||
is publicly available at
|
||||
|
||||
https://github.com/php/web-php
|
||||
|
||||
so there is no vulnerability here. You can't use this to view
|
||||
anything that is private.
|
||||
*/
|
||||
$_SERVER['BASE_PAGE'] = 'cached.php';
|
||||
include_once 'include/prepend.inc';
|
||||
|
||||
|
||||
Reference in New Issue
Block a user