Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
PHP magic_quotes_gpc is disabled - Vulnerability Database

PHP magic_quotes_gpc is disabled

Description

The magic quotes option is designed to safeguard developers against SQL injection attacks. It executes addslashes() on all information received over GET, POST or COOKIE. This protection is not perfect and it's better to validate input from your own scripts. Still, it is recommended to enable magic_quotes_gpc as an extra layer of security.

Remediation

You can enable magic_quotes_gpc from php.ini or .htaccess.<br/><br/> <strong>php.ini</strong><br/> magic_quotes_gpc = 'on'<br/><br/> <strong>.htaccess</strong><br/> php_flag magic_quotes_gpc on<br/>

References

PHP Manual - Magic Quotes

Related Vulnerabilities

Trace.axd Detected High
Common tags: Configuration
Unrestricted access to Caddy API interface High
Common tags: Configuration
Unrestricted access to Kong Gateway API High
Common tags: Configuration
Joomla J!Dump extension enabled Medium
Common tags: Configuration
Joomla Debug Console enabled Medium
Common tags: Configuration

Severity

High

Classification

CWE-150
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration