[Zope-dev] OT: These PHP guys are so funny
Florent Guillaume
fg at nuxeo.com
Tue Jul 5 07:47:48 EDT 2005
They use buggy eval() in their XMLRPC code, which of course causes
massive security problems, notably with RSS...
http://www.gulftech.org/?node=research&article_id=00088-07022005
http://news.netcraft.com/archives/2005/07/04/
php_blogging_apps_vulnerable_to_xmlrpc_exploits.html
Florent
--
Florent Guillaume, Nuxeo (Paris, France) CTO, Director of R&D
+33 1 40 33 71 59 http://nuxeo.com fg at nuxeo.com
More information about the Zope-Dev
mailing list