adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix typo in documentation

Browse Source 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
This commit is contained in:
Stephen Fewer
2024-06-13 15:09:56 +01:00
committed by GitHub
parent bf9b3f1d2a
commit d7531ef74c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/modules/exploit/windows/http/php_cgi_arg_injection_rce_cve_2024_4577.md
+1 -1
View File
@@ -2,7 +2,7 @@
This module exploits a PHP CGI argument injection vulnerability affecting PHP in certain configurations
on a Windows target. A vulnerable configuration is locale dependant (such as Chinese or Japanese), such that
the Unicode best-fit conversion scheme will unexpectedly convert a soft hyphen (0xAD) into a dash (0x2D)
character. Additionally a target web server bust be configured to run PHP under CGI mode, or directly expose
character. Additionally a target web server must be configured to run PHP under CGI mode, or directly expose
the PHP binary. This issue has been fixed in PHP 8.3.8 (for the 8.3.x branch), 8.2.20 (for the 8.2.x branch),
and 8.1.29 (for the 8.1.x branch). PHP 8.0.x and below are end of life and have note received patches.