1.2.496. GPRC Aliases

The following variables are holding the content of $_GET, $_POST, $_REQUEST or $_COOKIE. They shouldn’t be trusted, just like their original variables.

<?php

$post = $_POST;

foreach($post as $key => $var)  {
     print $var;
}

?>

See also Superglobals.

1.2.496.1. Specs

Short name	Security/GPRAliases
Rulesets	All, Changed Behavior
Exakat since	0.8.4
PHP Version	All
Severity	Major
Time To Fix	Quick (30 mins)
Precision	Very high
Features	superglobal
Available in	Entreprise Edition, Exakat Cloud