[wp-hackers] If You Thought Weak Passwords Were the Only Weakness...

Roy Schestowitz r at schestowitz.com
Sun Oct 8 22:39:28 GMT 2006


I worry that this might feed some script kiddies, but it's very  
important to explicitly tell people _NOT_ to share their files too  
openly.

http://www.google.com/codesearch?as_q=username&as_filename=wp-config.php

Such things could lead people to blaming the CMS rather than their own  
actions... and previously I shared a story about a blog we have on  
campus, which was cracked having had a text file available with /all/  
the passwords.


More information about the wp-hackers mailing list