[wp-hackers] WordPress Charset SQL Injection Vulnerability
Abel Cheung
abelcheung at gmail.com
Sun Dec 16 19:57:57 GMT 2007
On Dec 16, 2007 2:27 AM, Lloyd Budd <lloydomattic at gmail.com> wrote:
> > Unsure why I failed to reply this sooner. Getting table prefix is so
> > trivial for newer wordpress:
> >
> > /?feed=rss2&p=-1
>
> As trivial as? This is a bit of an annoying way to present a software
> bug. Anyway, thank you very much for letting us know about this!
Annoying? This has been fully disclosed to public since July:
http://blogsecurity.net/news/news-110707/
Currently xssnews.com is down, but content still exists in form of google cache.
Abel
>
> http://trac.wordpress.org/ticket/5471
> ?feed=rss2&p=-1 results in db error, showing sql query (table prefixes)
>
> The whole WordPress community really appreciate your help in
> uncovering these issues. Are there other issues you know about that
> you can share at this time?
> (Assuming you haven't emailed security at wordpress.org and are giving
> them an opportunity to fix the issue prior to public disclosure.)
>
> Thanks again,
> Lloyd
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
Abel Cheung (GPG Key: 0xC67186FF)
Key fingerprint: 671C C7AE EFB5 110C D6D1 41EE 4152 E1F1 C671 86FF
--------------------------------------------------------------------
* My own cave: http://me.abelcheung.org/
* Opensource Application Knowledge Assoc. - http://oaka.org/
More information about the wp-hackers
mailing list