3 comments

[ 23.9 ms ] story [ 333 ms ] thread
<del>Looks like they fixed it -- good.</del> Exposing your web service code is a huge security issue; at least they were prompt about fixing it (says "Service Unavailable" now rather than serving PHP files)

Edit: Apparently not.

Exposing your code isn't a security issue if your code is written properly in the first place. You shouldn't be putting any private keys into your code.
Lucky for them it is just a recaptcha account. I wonder why the PHP was not interpreted though? It is wrapped properly?