Command injection

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
abalfazl
Forum Commoner
Posts: 71
Joined: Mon Sep 05, 2005 10:05 pm

Command injection

Post by abalfazl »

Hello firends

From zend PHP study guide(page 180)


If data being used to construct a command is intended to be
a single argument,there might be character within data that cause it to be interpreted as multiple argumnets instead.


May someone explain about that?

GOOD LUCK!
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

we've had multiple threads on injection, particularly SQL injection as that is where a lot of people are vulnerable when they code. Have you read them?
Post Reply