I have been a Slashdot fan for a while now, and these guys are just a STITCH. Sometimes they get going on a riff and the results are laugh out loud funny. I am posting this ‘repost’ to illustrate, the link at the bottom will take you to the original material. Posted by ScuttleMonkey [...]

1. Set register_globals to OFF 2. Turn off Display Error/Warning Messages. Set error_display to ZERO. 3. Never run unescaped queries 4. Validate all user inputs. Items on Forms, in URLs and so on 5. Move config.php and files containing Passwords to MySQL to a secure directory outside of the public_html [...]

addthis_url = 'http%3A%2F%2Ftarky7.com%2F2008%2F06%2F23%2Fviolent-storm-6-22-08-great-barrington-ma%2F'; addthis_title = 'Violent+Storm+6-22-08+Great+Barrington%2C+Ma'; addthis_pub = '';

addthis_url = 'http%3A%2F%2Ftarky7.com%2F2008%2F06%2F21%2Fglobal-agents-for-change-video%2F'; addthis_title = 'Global+Agents+for+Change+Video+%21'; addthis_pub = '';

???????? Zuh life! She ees not wors leevingks! Zee Existentialism, she has me in her grip! Aieee! LINK OMG ! Michelle has gotten me hooked on Cute Overload ! addthis_url = 'http%3A%2F%2Ftarky7.com%2F2008%2F05%2F27%2Fzuh-ennuiof-henri%2F'; addthis_title = 'Zuh+ennui%26%238230%3Bof+Henri%21'; addthis_pub = '';

?????? LINK to my new Monotone WP Gallery Margaret Roach, of A Way to Garden found this new Wordpress theme in her travels through the ether and suggested I check it out, being a pretty good editorial photographer. There are certain complexities in using this theme on a hosted Wordpress site, so I just jumped in and created [...]

Many issues can be found here LINK I absolutely love Wordpress as a CMS, a web publishing platform as well as a great blog application. Over the last year I have made a good living helping people get found by Google, Yahoo and MSN using Wordpress, and original content to get found in the NSO (Natural [...]

WordPress Download Monitor Plugin “id” SQL Injection Vulnerability Secunia Advisory: SA29876 Release Date: 2008-04-28 Last Update: 2008-05-02 Critical: Moderately critical Impact: Manipulation of data Exposure of sensitive information Where: From remote Solution Status: Vendor Patch Software: WordPress Download Monitor Plugin 2.x CVE reference: CVE-2008-2034 (Secunia mirror) Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS! Description: Dino [...]

April 18th, 2008 WordPress Parameter Directory Traversal Vulnerability WordPress is prone to a ‘cat’ directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. This input validation error was originally reported by Sandor Attila Gerendi and exploiting the issue may allow an attacker to access sensitive information that could aid in further attacks. An attacker can exploit [...]

Wordpress Cookie Authentication Vulnerability Original release date: 2007-11-19 Last revised: 2007-11-19 Latest version: http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-auth.txt CVE ID: Source: Steven J. Murdoch http://www.cl.cam.ac.uk/users/sjm217/ Systems Affected: Wordpress 1.5 — 2.3.1 (including current version, as of 2007-11-19) Overview: With read-only access to the Wordpress database, it is possible to generate a valid login cookie for any account, without resorting [...]