As rjray suggested I've just posted a story about my exploit for SOAP::Lite. I hope it will get some real attention. I really afraid that this bug in SOAP::Lite affects Perl community too much. Let's count:
- use.perl.org allows to edit journals via SOAP
- ActiveState uses (?) SOAP for PPM servers
- devel version of Bricoladge supports SOAP server
- http://theoryx5.uwinnipeg.ca/CPAN/ does run SOAP server
I'm not sure but it is very likely that all of them use SOAP::Lite.
