5 Jul
2005
5 Jul
'05
2:03 p.m.
Florent Guillaume wrote:
They use buggy eval() in their XMLRPC code, which of course causes massive security problems, notably with RSS...
http://www.gulftech.org/?node=research&article_id=00088-07022005 http://news.netcraft.com/archives/2005/07/04/ php_blogging_apps_vulnerable_to_xmlrpc_exploits.html
Florent
I sincerely hope we are better than they are. S. -- Stéfane Fermigier, Tel: +33 (0)6 63 04 12 77 (mobile). Nuxeo Collaborative Portal Server: http://www.nuxeo.com/cps Gestion de contenu web / portail collaboratif / groupware / open source!