Mel Flynn schreef:
You can do that, the issue is plugins:
0) SuperCMS v 1.0 installed
1) CoolStuff via webinterface, by SuperCMSNr1Fan, version 0.1.0.1beta
2) SuperCMS v 1.0.1 security release, changes some issues with plugin
handling
3) CoolStuff's maintainer is now known as CompetitorCMSNr1Fan
4) CoolStuff still works, because of backwards compatibility, but now
is insecure.
Stuff like this goes back to the phpNukeYourSite days.
I understand that there are allot of caveats and that is quite some work
to create a full blown checker, especially with
plugins. But as far as I am corcerned, finding the easy to locate
vultnerable script is already better then doing nothing.
Jeroen
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
