[Zope-dev] OT: These PHP guys are so funny
Stefane Fermigier
sf at nuxeo.com
Tue Jul 5 10:03:23 EDT 2005
Florent Guillaume wrote:
> They use buggy eval() in their XMLRPC code, which of course causes
> massive security problems, notably with RSS...
>
> http://www.gulftech.org/?node=research&article_id=00088-07022005
> http://news.netcraft.com/archives/2005/07/04/
> php_blogging_apps_vulnerable_to_xmlrpc_exploits.html
>
> Florent
>
I sincerely hope we are better than they are.
S.
--
Stéfane Fermigier, Tel: +33 (0)6 63 04 12 77 (mobile).
Nuxeo Collaborative Portal Server: http://www.nuxeo.com/cps
Gestion de contenu web / portail collaboratif / groupware / open source!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sf.vcf
Type: text/x-vcard
Size: 275 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/zope-dev/attachments/20050705/6e1f8665/sf.vcf
More information about the Zope-Dev
mailing list