How to exploit Execution After Redirect vulnerability in PHP?


I read about the EAR vulnerability in websites. But it's hard to think of an exploit for EAR in PHP. Can anyone provide a specific example of how the attacker can exploit it?


Solution

  • Consider the code below:

    <?php
    
    if (!$loggedin) {
      // No exit/die after header(): PHP keeps executing past this point
      header('location: login.php');
    }
    
    echo 'You can only see this secret stuff if you are logged in!';
    

    The echoed text is still returned - so not blindly obeying the location header will let you read the "secret message".

    Also, I think this post belongs on https://security.stackexchange.com/
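As an added check that is not part of the original answer, the following Python script (written for this page, not taken from any project) scans PHP source for header('Location: ...') calls that are not immediately followed by exit, die or return, which is the pattern behind the EAR flaw in the snippet above. It is a line-based heuristic rather than a PHP parser, and the two sample sources it ships with are constructed: the vulnerable handler from the answer and a fixed version.

```python
import re

# header() call whose first argument starts with "Location:" (any case)
REDIRECT_RE = re.compile(r"""header\s*\(\s*['"]\s*location\s*:""", re.IGNORECASE)
# Statements that stop the script before it can emit the protected body
TERMINATOR_RE = re.compile(r"^\s*(exit|die|return)\b", re.IGNORECASE)
COMMENT_RE = re.compile(r"^\s*(//|#|/\*|\*)")


def _next_statement(chunks):
    """First non-blank, non-comment text fragment, or '' if none."""
    for text in chunks:
        if not text.strip() or COMMENT_RE.match(text):
            continue
        return text
    return ""


def find_unterminated_redirects(php_source):
    """Return 1-based line numbers of Location redirects whose next statement
    is not exit/die/return. Line-oriented heuristic, not a real PHP parser."""
    lines = php_source.splitlines()
    findings = []
    for idx, line in enumerate(lines):
        m = REDIRECT_RE.search(line)
        if not m:
            continue
        # Text after the header(...) call on the same line, then later lines
        rest = line[m.end():]
        semi = rest.find(";")
        same_line_tail = rest[semi + 1:] if semi >= 0 else ""
        following = _next_statement([same_line_tail] + lines[idx + 1:])
        if not TERMINATOR_RE.match(following):
            findings.append(idx + 1)
    return findings


# Constructed samples: the vulnerable handler from the answer above, and a fixed one
VULNERABLE = """<?php
if (!$loggedin) {
  header('location: login.php');
}
echo 'You can only see this secret stuff if you are logged in!';
"""
FIXED = """<?php
if (!$loggedin) {
  header('Location: login.php');
  exit;  // stop here so the protected body below is never sent
}
echo 'You can only see this secret stuff if you are logged in!';
"""
```

Running `find_unterminated_redirects(VULNERABLE)` reports line 3 (the header call inside the if block), while the fixed sample reports nothing.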