In light of the huge issues with XML-RPC discovered lately, John Cox has this new post on his weblog for users of the Xaraya CMS software.

There is a rash of xml-rpc exploits making their way across PHP Applications. I have not confirmed whether Xaraya is vulnerable or not (on the road without development tools). Until I, or a Xaraya developer can verify the exploit the short term action would be to either delete or disable html/ws.php or disable the xmlrpc modules from your install. If necessary, we will provide a patch, or give the all clear signal.

I'm glad that there are so many groups on top of this flaw already - Wordpress has their patch, Serendipity has their new version, and XOOPS has made the patch availible for their users as well...