[Pmwiki-users] php as Img insecure? / TrailPrinter?

Patrick R. Michaud pmichaud
Mon Nov 10 19:01:39 CST 2003


On Monday, November 3, 2003, 11:49:58 AM, you wrote:

> Hello

> I have two Questions:

> 1) I added php to the list of allowed image formats to enbed
> banners. Is that insecure, since this banner-script runs on an other
> Server?

That sounds awfully insecure, since it might allow someone to
attach/embed arbitrary PHP scripts, which could then be used to
execute commands or modify files on the server.

Pm






More information about the pmwiki-users mailing list