spacer spacer

huge webdav security hole in xampp / xampp lite

xampp and xampp lite - even in the newest version come with webdav enabled and a default password being set, this is a huge security flaw, since anybody can easily upload malicious files to the server and even execute them trough php, so either disable webdav if you do not need it,
or change the user in x:/xampp/security/webdav.htpasswd

I have no idea why they do that, and even in their security settings they do not show it as a security flaw, which it obviously is, as it is basically the same as leaving an ftp open to anonymous write access.
text added.
Vienna @ 20,7 °C [6,7m/s]
this site was rendered in 0.6812 seconds with a total # of 14 325 118 sites so far.
670121 of which came from registered users. Impressum @