Blog:CMS (formerly Nucleus XE) is a content management system written in PHP with a MySQL database. It attempts to integrate several open-source projects into a forked version of Nucleus CMS, including DokuWiki, PunBB, and an image gallery, using modifications written by its primary developer, Radek Hulán. The project is generally considered a "pre-modded version" of Nucleus CMS, rather than a full product in its own right. History Hulán started the project after several debates with the rest of the Nucleus CMS development team centering around the revocation of his CVS access due to some suspicious changes to the code. Blog:CMS has suffered from some prominent public relations issues centering around Hulán's attitude toward support requests, and many users have reported significant bugs. A project called Blog:Hack:CMS exists to convert Blog:CMS blogs to Nucleus CMS. Blog:CMS is licensed under the terms of the GNU General Public License version 2. Criticism Blog:CMS has suffered from a recurring theme of vulnerabilities: SQL Injection Vulnerabilities. In each case, this is due to unvalidated user input. The issue has been identified in core and plugins. Further issues are raised by the fact that because Blog:CMS branched the wiki, forum and photo gallery components to create Blog:CMS when these get a problem these components will carry the problem too. There is a level of doubt regarding the legal standing of Blog:CMS under the GNU GPL. Including examples of instances where the only changes are to the copyright notices.
|