[wp-hackers] Security Vulnerability found

Robert Deaton false.hopes at gmail.com
Wed Apr 13 22:11:50 GMT 2005


I just looked over the link to the original advisory, and I found it rather 
hilarious that the person who posted this was also silly enough to include 
code that wouldn't do anything at all to help the problem. Just thought I'd 
share.

function get_the_title($id = 0) {
	.
	.
	.
	$sb_convert = $output;
	$sb_input =  array("<",">","(",")");
	$sb_output = array("&lt;","&gt;","&#40;","&#41;");
	$output = str_replace($sb_input, $sb_output, $sb_convert);
	return $title;
}
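
Why the quoted function changes nothing, shown as an added example that is not part of the original post or the advisory: the escaped string is assigned to $output while $title is what gets returned. The function names, the stand-in for the elided lines and the sample title are assumptions made for illustration.

```php
<?php
// Added illustration; all names and the sample input are hypothetical.

// Same shape as the quoted snippet: the replacement result is stored in
// $output, but the unmodified $title is returned to the caller.
function title_as_quoted($title) {
    $output = $title; // assumption: stands in for the elided lines
    $sb_convert = $output;
    $sb_input  = array("<", ">", "(", ")");
    $sb_output = array("&lt;", "&gt;", "&#40;", "&#41;");
    $output = str_replace($sb_input, $sb_output, $sb_convert);
    return $title;
}

// Same replacement table, but returning the string that was escaped.
function title_returning_output($title) {
    $sb_input  = array("<", ">", "(", ")");
    $sb_output = array("&lt;", "&gt;", "&#40;", "&#41;");
    return str_replace($sb_input, $sb_output, $title);
}

// PHP's built-in HTML escaping, which also covers &, " and '.
function title_escaped($title) {
    return htmlspecialchars($title, ENT_QUOTES, 'UTF-8');
}

// Constructed sample title containing every character class involved.
$sample = 'Tom & "Jerry" <em>(2005)</em>';

// Print each variant's result side by side.
foreach (array('title_as_quoted', 'title_returning_output', 'title_escaped') as $fn) {
    printf("%-24s %s\n", $fn, $fn($sample));
}

// True when the quoted shape hands its input back untouched.
var_dump(title_as_quoted($sample) === $sample);
```

The second variant shows what the hand-written table leaves alone (the ampersand and the quotes); the third is the form to use when a title is written into HTML.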