Y
Hacker News
new
|
ask
|
show
|
jobs
by
nbpoole
5434 days ago
No. The timthumb.php script can be accessed directly by unauthenticated users.