jump to navigation

When Ajax Gets Abused Sunday, May 28, 2006

Posted by VoeD in Articles, Implementation.

You have just got to love The Daily WTF; If I can only read two feeds a day, it would be this and Slashdot. Anyway, Ajaxian quoted The Daily WTF for this piece of interesting (nonetheless scary) code. I think the comments on the Ajaxian post sums it all up..

The problem is that the developer implemented an “execPHP” function. […] This is a gateway to run any code on the server. Might as well just have a text box on the page that says “type some code in, and we’ll execute it”.



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: