Archive for the ‘Security’ Category

Exposing PHP is a Security Risk

In php.ini, there is this:
; Misc
;
; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header). It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
expose_php [...]

Dear Mr. Jobs, That's Retarded

Coming out of WWDC, Apple announced that it is going to allow third-party Web 2.0 applications. Really? Are you saying that, before this, Safari wasn't going to support even JavaScript? Why, thank you, Mr. Jobs, for now allowing what most browsers have offered for years.
And how are Web 2.0 applications [...]

Yay, Another WordPress Vulnerability

A WordPress 2.2 vulnerability was posted on milw0rm recently, which allows SQL injection via xmlrpc.php.
Here is the vulnerable function:

function wp_suggestCategories($args) {
    global $wpdb;

    $this->escape($args);

    $blog_id [...]

Acunetix

I brought out Acunetix to test the script that I'm writing. It's a pretty noisy web vulnerability scanner that tests for XSS, SQL Injection, server vulnerabilities, and other things that just shouldn't be around. I'm not going to reveal too much about my script, but it consists of a user system, private messaging, posting with [...]