Simon Willison’s Weblog

PHP 4 phpinfo() XSS Vulnerability. Another reason not to run an open phpinfo() page on your server.

Posted 4th March 2007 at 9:24 pm

Recent articles

Cooking with Claude - 23rd December 2025
Your job is to deliver code you have proven to work - 18th December 2025
Gemini 3 Flash - 17th December 2025

php 190 phpinfo 1 security 570 xss 60

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe