Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22117
HistoryJul 03, 2009 - 12:00 a.m.

eAccelerator encoder files backup Vulnerability

2009-07-0300:00:00
vulners.com
25
JSON

eAccelerator encoder files backup Vulnerability

1.Description
eAccelerator is a free open-source PHP accelerator, optimizer, and dynamic content cache. It increases the performance of
PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated. It
also optimizes scripts to speed up their execution. eAccelerator typically reduces server load and increases the speed of
your PHP code by 1-10 times.

  1. The Vulnerability

eAccelerator has a function which encode php source in encoder.php.
You can backup all system files to specify directory or specify files.Of course you can upload image to Web Server and
backup it to the web directory
so you can …

3.II. Disclosure Timeline
2009/06/29 Vendor contact.
2009/06/30 Public Disclosure.

  1. Thanks
    all of Whitehat Community's friend && Great Milw0rm!
    2009/06/30 by cnbird

Sorry my bad english!

JSON