Tuesday, July 05, 2005

Security threat for PHP-based blogging

Netcraft reports that PHP-based blogging programs have been found to have a security hole:
Many popular PHP-based blogging, wiki and content management programs can be exploited through a security hole in the way PHP programs handle XML commands. The flaw allows an attacker to compromise a web server, and is found in programs including PostNuke, WordPress, Drupal, Serendipity, phpAdsNew, phpWiki and phpMyFAQ, among others.
(via Michael Jacques)

No comments: