Nice work, RapidWeaver

Over the past 24 hours, I’ve been bombarded by bounced email that appears to have originated from my server. Turns out, there is a security flaw in the PHP script that RapidWeaver uses for its contact page, so people have been exploiting it to send spam. Reading the message boards for the software shows that the authors knew about this about 1.5 weeks ago. It would have been nice for them to inform their users to turn this feature off until they can patch it. Even after they patch it, I’ll find another way to handle the contact page so I don’t have to deal with this again.
