The "domain.com/index.php/login.php" kind of requests in PHP
Posted: Tue Apr 26, 2011 8:09 am
Hi all,
I have discovered new and very odd requests made to my PHP website that looks like:
www.domain.com/index.php/login.php
The odd part in this request is that there are two files with php extension requested from the server and it seems that both files gets processed.
When such request is made, index.php is displayed first but there is no style applied to it and some additional informations from login.php are displayed below.
My question is, what is this, how you call it and where can I find more details on this? It is obvious it is some kind of security hole that people are exploiting and I wasn't aware of.
Thank you in advance!
I have discovered new and very odd requests made to my PHP website that looks like:
www.domain.com/index.php/login.php
The odd part in this request is that there are two files with php extension requested from the server and it seems that both files gets processed.
When such request is made, index.php is displayed first but there is no style applied to it and some additional informations from login.php are displayed below.
My question is, what is this, how you call it and where can I find more details on this? It is obvious it is some kind of security hole that people are exploiting and I wasn't aware of.
Thank you in advance!