Language Selection

English French German Italian Portuguese Spanish

Newest Vulnerabilities in php apps

Filed under
Security

"Multiple vulnerabilities in two popular open-source projects-phpMyAdmin and phpBB-could put users at risk of cross-site scripting and information disclosure attacks, security researchers warned Thursday."

"The most serious flaws could lead to arbitrary program execution if PHP safe mode is off and external transformations are activated as well as allowing the disclosure of the full path to system files."

Full Story.

More in Tux Machines

Ubuntu Leftovers

Leftovers: Software Development

  • fakecloud
  • A new version of pristine-tar
  • Getting RSS feeds for news websites that don’t provide them
    On the technical side, this seems to be one of the most stable pieces of software I ever wrote. It never crashed or otherwise failed since I started running it, and fortunately I also didn’t have to update the HTML parsing code yet because of website changes. It’s written in Haskell, using the Scotty web framework, Cereal serialization library for storing the history of the past articles, http-conduit for fetching the websites, and html-conduit for parsing the HTML. Overall a very pleasant experience, thanks to the language being very convenient to write and preventing most silly mistakes at compile-time, and the high quality of the libraries.
  • Quick Highlight
    Martin Blanchard put together a new “quick highlight” plugin for Builder this last week. It was a great example of how to submit a new feature, so I just wanted to highlight it here. Post to bugzilla, attach a patch, and we will review quickly and help with any additional integration that might be necessary.

Android Leftovers

Today in Techrights