5 Jul
2005
5 Jul
'05
11:47 a.m.
They use buggy eval() in their XMLRPC code, which of course causes massive security problems, notably with RSS... http://www.gulftech.org/?node=research&article_id=00088-07022005 http://news.netcraft.com/archives/2005/07/04/ php_blogging_apps_vulnerable_to_xmlrpc_exploits.html Florent -- Florent Guillaume, Nuxeo (Paris, France) CTO, Director of R&D +33 1 40 33 71 59 http://nuxeo.com fg@nuxeo.com