Published on 2005-08-16 00:22:03
CPAINT (Cross-Platform Asynchronous INterface Toolkit) is a true AJAX (Asynchronous JavaScript+XML) and JSRS (JavaScript Remote Scripting) implementation. CPAINT provides you the code required to implement AJAX and JSRS on the back-end, while the returned data is manipulated, formatted, and displayed on the front-end in JavaScript. This allows you to build web applications that can provide nearly real-time feedback to the user, including nearly real-time data updates.
The author of CPAINT today posted an important security issue that has been fixed in the current version of CPAINT and that he suspects could affect other AJAX toolkits:
I am the original author of the CPAINT Ajax Toolkit (http://cpaint.sourceforge.net/). Last night we found a vulnerability affecting all versions of CPAINT prior to v1.3-SP (which is the patched version of the software) that can allow a user with malicious intent to execute server or ASP/PHP commands that would allow them to easily access data on the server.
Member of the PHP Magazine Network, Copyright (C) 2005-2008 phpmagazine.net All Rights Reserved