Skip to main content

Serious PHP flaw found

No replies
kohsuke
Offline
Joined: 2003-06-09

from http://spaces.msn.com/members/Charaka/Blog/cns!1pjOlh2wMPkKn4eZ9sr4Yszw!374.entry
A critical vulnerability in two PHP libraries have been found. They are used to provide web services and content management systems. PHP, is one of the most widely used scripting language on the web and the flaws are in the XML-RPC for PHP and PEAR XML-RPC libraries. Similar flaws were discovered in July and prompted an audit of the libraries by the Hardened-PHP Project, a group that was founded to protect PHP users and servers against security holes.