huge webdav security hole in xampp / xampp lite
|
31.12.2010 |
xampp and xampp lite - even in the newest version come with webdav enabled and a default password being set, this is a huge security flaw, since anybody can easily upload malicious files to the server and even execute them trough php, so either disable webdav if you do not need it, or change the user in x:/xampp/security/webdav.htpasswd I have no idea why they do that, and even in their security settings they do not show it as a security flaw, which it obviously is, as it is basically the same as leaving an ftp open to anonymous write access. text added. |
![]() |
|
this site was rendered in 0.14303 seconds with a total # of 18 949 067 sites so far.
674485 of which came from registered users. Impressum @ u2.hax.at |