Be the first to post a text review of HotNews. Rate and review a project by clicking thumbs up or thumbs down in the right column.
Since there has been found a security problem in HotNews it has been discontinued. The problem is that the include directory must not be publicly accessible on the web server, if it is remote attackers can include arbitrary PHP files. The include directory can also be protected with an appropriate .htaccess file (see "file" at the end of this text for example). I (origninal HotNews author) was not contacted prior to public release of this problem. HotNews hasn't been activly maintained for a long time, and the author doesn't have an interest in further development of it. Should anyone have any questions, please don't hesitate to contact me. .htaccess file to be places in the include directory to deny access to the files (inspired by file from the twig webmail script) : AuthName "FooBar" AuthType basic AuthUserFile /dev/null require valid-user
This is a minor service release to fix support for PHP 4.3.0.
Be the first person to add a text review.
Copyright © 2009 Geeknet, Inc. All rights reserved. Terms of Use
Thanks for your rating!
Would you also like to write a review?