Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest stationmaster buy cloud host technology Hall
Just read the friend's article "on the Dedecms of several questions", no matter what angle to think, are very pertinent. Here, I also say a few things to talk about the official attitude.
With Dede for nearly 1 years, and its loopholes, this is indeed very normal. But the official attitude was more chilling ...
Let me give you an example probably at the end of August, I accidentally found a can make 80% with Dede site crash loophole, this loophole is very serious, because I personally found, I am in Baidu search Dede do the station, most have this loophole, only a very few do not.
Among the sites found are ding famous websites in the industry. Of course, I didn't do any damage. At that time, I was in the official post, because of fear of the public after the illegal use, I did not directly say what is the loophole.
Post sent out, only one of the owner of the cold back sentence, off work. Later, the official QQ contact, and finally look forward to their QQ, so and they contact, now in retrospect, feeling that I was begging them the same. That attitude is really unpleasant. It's not easy to "ask" them to pay attention to this loophole, they are also the attitude you love to say.
Finally, of course, tell them the loophole, 3 hours later, there is no point of gratitude or results of the response. Do I send a post to ask the patch out? The answer is "being made ..." (I made this patch myself, it didn't take 3 minutes)
It was almost the third day, and they finally said it was fixed. Sadly, there has been no patch. There is no action, until I press the time, still do not have this patch. A few days ago I downloaded a new version of the test, only to find that the original new program already has patches, but no separate patches. Don't know why?
I found a more serious loophole when the leak was discovered, and if the last 80% was a bit exaggerated, the 85% would never be exaggerated. This loophole is even more serious. Covers all versions. The first vulnerability involved only v5.x versions,
Unfortunately, I told them after this thing, Ah, others simply ignore me. Left them n times, others do not ask. This is the official attitude ... However, I also figured out, the official is like this, and it's none of my business. I have to keep this loophole, in the future to see which station uncomfortable on the invasion is ...