Interesting walk through on how a remote execution bug was found on an eBay site.
Mitigation items end up being fairly standard: don’t trust user input and avoid eval() as much as possible.
Categories
Interesting walk through on how a remote execution bug was found on an eBay site.
Mitigation items end up being fairly standard: don’t trust user input and avoid eval() as much as possible.