Forum Discussion

Historic F5 Account

May 08, 2012

RE: Recent PHP-CGI query string parameter vulnerability

The recently found PHP-CGI query string parameter vulnerability noted in: https://bugs.php.net/bug.php?id=61910v Was announced on May 2nd and as of yet, does not have a solutio...

app sec

BIG-IP Access Policy Manager (APM)

security

kman_52500

Nimbostratus

May 22, 2012

If you are using php and CGI on URLs that don't end in .php this will not work.

i.e.

ScriptAlias /path /path/to/file.php

would still be vulnerable to

/path?-s

Recent Discussions

F5 looses the token for the first call
Dec 27, 2024
Ozzy
ports are showing open on online scanning tool
Dec 27, 2024
Pooja_Varekar208
self-directed requests fail because of no certificate
Dec 26, 2024
Maudigan
Decode ObjectSID from Base64-encode string
Dec 26, 2024
Sefi_Miz
iRule - Url rewrite and header replace and pool selection not working
Dec 26, 2024
rct101

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

RE: Recent PHP-CGI query string parameter vulnerability

Recent Discussions

F5 looses the token for the first call

ports are showing open on online scanning tool

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities

OWASP Automated Threats - OAT-014 Vulnerability Scanning

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS