Drupal, WordPress, Joomla vulnerable due to PHPMailer

Submitted by dryer on Wed, 12/28/2016 - 09:34

PHPMailer, a popular class used by popular web CMSes like WordPress, Joomla and Drupal has been found to be vulnerable to a bug that allows execution of arbitrary code. PHPMailer is the most popular utility class for sending emails with PHP. There are an estimated 9 million sites of it live on the internet currently, most of them vulnerable.

The issue is not trivial as it allows attackers to exploit millions of websites that are deployed from small businesses to giant corporations. The issue, now tracked as CVE-2016-10033, was made public by Dawid Golunski.

Drupal and WordPress tech stacks diverge to PHP and JavaScript

Submitted by dryer on Fri, 07/08/2016 - 21:00

WordPress and Drupal are both very popular Content Management Systems (CMS) that power large parts of the internet. The two projects share quite a few things. They were started early in the 2000's and have grown to be large players in a market that used to be owned by Proprietary Software.