Articles from Heine Deelstra

Primary tabs

Specifications should be a major part of the foundation we built on. Unfortunately, we're a bit loose with our adherence to specs. (Writer is guilty too).

Specifications should be a major part of the foundation we built on. Unfortunately, we're a bit loose with our adherence to specs. (Writer is guilty too).

Today we released a security announcement about a Webform SQL Injection vulnerability outside of the normal release schedule on Wednesday.

Today we released a security announcement about a Webform SQL Injection vulnerability outside of the normal release schedule on Wednesday.

Apart from PHP bugs and Denial of Service attacks, there's another reason why calling unserialize on user-supplied data (cookies, hidden form fields) is a bad idea.

Apart from PHP bugs and Denial of Service attacks, there's another reason why calling unserialize on user-supplied data (cookies, hidden form fields) is a bad idea.

We recently received a report by "ZeroDayScan", about a "Full path disclosure bug in Drupal 6.16".

We recently received a report by "ZeroDayScan", about a "Full path disclosure bug in Drupal 6.16".

Is your recent Drupal update not taking effect? Drupal still claims to be the
old version?

Is your recent Drupal update not taking effect? Drupal still claims to be the
old version?

Pages

Articles from Heine Deelstra

Specifications should be a major part of the foundation we built on. Unfortunately, we're a bit loose with our adherence to specs. (Writer is guilty too).

Specifications should be a major part of the foundation we built on. Unfortunately, we're a bit loose with our adherence to specs. (Writer is guilty too).

Today we released a security announcement about a Webform SQL Injection vulnerability outside of the normal release schedule on Wednesday.

Today we released a security announcement about a Webform SQL Injection vulnerability outside of the normal release schedule on Wednesday.

Apart from PHP bugs and Denial of Service attacks, there's another reason why calling unserialize on user-supplied data (cookies, hidden form fields) is a bad idea.

Apart from PHP bugs and Denial of Service attacks, there's another reason why calling unserialize on user-supplied data (cookies, hidden form fields) is a bad idea.

We recently received a report by "ZeroDayScan", about a "Full path disclosure bug in Drupal 6.16".

We recently received a report by "ZeroDayScan", about a "Full path disclosure bug in Drupal 6.16".

Is your recent Drupal update not taking effect? Drupal still claims to be the
old version?

Is your recent Drupal update not taking effect? Drupal still claims to be the
old version?

Pages