[pmwiki-users] suggestion for security notifications

Dominique Faure dominique.faure at gmail.com
Tue Sep 5 08:11:26 CDT 2006

On 9/5/06, Neil Herber <nospam at eton.ca> wrote:
> As much as anyone else, I want to know if there are any security
> holes in PmWiki.
> However, it does no one other than the crackers any good to post
> vulnerabilities here before Patrick has had a chance to even look at
> the threat. He generally takes very little time to assess threats and
> post a new version of PmWiki or a workaround.
> So please, if you have found a vulnerability of any type, send a
> *private* email to Patrick first and discuss it with him.
> No sense in giving the bad guys a head start.

According to original discoverer site [1] and PmWiki change log[2]
this is a quite old vulnerability, which has already been taken in


[1] http://www.ush.it/2006/01/24/pmwiki-multiple-vulnerabilities/
[2] http://www.pmwiki.org/wiki/PmWiki/ChangeLog

More information about the pmwiki-users mailing list