While we are at it: Some time ago, someone (likely through a script) tryed to abuse the comment notification feature of COREBlog. He tryed to overflow some of the fields with returns to sneak in new bcc:-headers, obviously to send out SPAM.
This could only have been successfull with forms that do not check input, use user input in headers, and then pipe everything into sendmail. No such (bad) luck with COREBlog. Details: http://betabug.ch/blogs/ch-athens/231 Regards, Sascha _______________________________________________ COREblog-en mailing list [email protected] http://postaria.com/cgi-bin/mailman/listinfo/coreblog-en Unsubscription writing to [EMAIL PROTECTED]
