Sunday 27 October 2019
The PHP programming language underpins much of the Internet. It forms the basis of popular content management systems like WordPress and Drupal, as well as more sophisticated web applications, like Facebook (kinda). Therefore, it’s a huge deal whenever researchers identify a security vulnerability within it. A couple of days ago, Emil ‘Neex’ Lerner, a Russia-based security researcher, disclosed a remote-code execution vulnerability in PHP 7 – the latest iteration of the hugely popular web development language. With this vulnerability, which has the CVE-ID of 2019-11043, an attacker could force a remote web server to execute their own arbitrary code simply…
This story continues at The Next Web
