[cms] Forum Topics

Content Management Systems (CMS) may not be the most interesting topic on the tech table, but oh boy does WordPress liven things up in this sector. Not, it has to be said, always in a good way. I've lost count of the number of WordPress vulnerability stories that I've read …

Although the term 'reflection DoS' is nothing new, I recall reading something about it three years ago when a high profile security researcher [used it to describe](http://www.understandingcomputers.ca/articles/grc/drdos_copy.html) how malicious SYN packets were being reflected off bystanding TCP servers and the SYN/ACK responses used to flood his bandwidth. More recently, Garrett …

A Drupal security advisory, [SA-CORE-2014-005](https://www.drupal.org/SA-CORE-2014-005), rather embarrassingly states that: > Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. …

As well as being CEO of penetration testing specialists High-Tech Bridge, Ilia Kolochenko is also perhaps unsurprisingly a white hat hacker of some repute. Equally unsurprising is the fact that he has [warned](https://www.htbridge.com/blog/plugins_and_extensions_the_achilles_heel_of_popular_cmss.html) that security vulnerabilities in leading CMS platforms such as Drupal, Joomla and WordPress are effectively leaving the …

This morning EMC, Microsoft and IBM announced they had worked together over a two-year period to create a [URL="http://www.fiercecontentmanagement.com/story/ring-bells-major-ecm-vendors-send-content-sharing-standard-oasis-today/2008-09-10"]content interchange standard[/URL] for enterprise content management systems. It may not sound like much, but it's meaningful on several levels. For content management customers, it means it will greatly simplify moving content …