Simon Willison’s Weblog

Subscribe

PHP 4 phpinfo() XSS Vulnerability. Another reason not to run an open phpinfo() page on your server.