Affected systems:
PHP version 4.1.1 under Windows
PHP version 4.0.4 under Windows
Vulnerability description:
🎜>In PHP under Windows, through PHP.EXE, an attacker can make any file appear as a php file, even if the file extension is not php. For example, upload a file, but the extension is mp3, txt, or gif, etc., and then ask PHP to execute it.
For example:
Upload a gif file, but it is actually a php script file. The content of the file is as follows:
#------------
phpinfo();
?>
#------------
Then the attacker uses PHP Go to execution:
http://www.example.com/php/php.exe/UPLOAD_DIRECTORY/huh.gif
Garbled characters starting with ^quxjg$c
How to open img file
You need permission from admin to make changes to this file
Windows checks port occupancy status
Check port occupancy windows
Windows photos cannot be displayed
Check the occupied port status in windows
Windows cannot access shared computer
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
