. I will wait
until Francisco fix them.
Francisco was noticed a month ago, but the problems persist.
Maybe he is busy reading the new revision of the Building Secure Web
Applications and Web Services OWASP document. :]
Cheers,
Pedro Inacio
Hello again,
just to say that PostNuke ( fork of PHP-Nuke ) is vulnerable to the same
bugs
AND
it is possible to inject different SQL code in order to do other funny
but dangerous things.
Note to the guys of those projects:
Filter those URL entries!!!
Cheers,
Pedro Inacio