jump to navigation

When Ajax Gets Abused Sunday, May 28, 2006

Posted by VoeD in Articles, Implementation.
trackback

You have just got to love The Daily WTF; If I can only read two feeds a day, it would be this and Slashdot. Anyway, Ajaxian quoted The Daily WTF for this piece of interesting (nonetheless scary) code. I think the comments on the Ajaxian post sums it all up..

The problem is that the developer implemented an “execPHP” function. […] This is a gateway to run any code on the server. Might as well just have a text box on the page that says “type some code in, and we’ll execute it”.

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: