Latest Privacy

The Hacker News

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

By Mohit Kumar 28 Oct 2019 at 15:10

If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely. The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the wild and could be exploited easily as a proof-of-concept (PoC) exploit for the flaw has already been released publicly...

Read more