[wp-hackers] Possible vulnerability with the plugin system
Otto
otto at ottodestruct.com
Thu Dec 6 21:31:41 GMT 2007
Could this still be potentially dangerous with the .. modifier?
Basically this will allow them to execute any PHP file on your server
in your context, no? Might be an issue with shared servers.
http://www.example.com/wp-admin/options.php?page=../../../badguy/badscript.php
On 12/6/07, Andy Skelton <skeltoac at gmail.com> wrote:
> Super-interesting: http://www.sitepoint.com/blogs/2006/10/06/php-mapreduce/
>
> Clicking "This search" in that article, I found the exact code at
> issue in this Hackers thread. Fortunately the $_GET parameter is
> appended to a known path, rendering this exploit unusable.
>
> Cheers,
> Andy
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
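A containment check for the `..` case raised in this message, as an added example that is not part of the original thread and is not WordPress's own code. The function name `resolve_plugin_page` and the temporary directory tree are assumptions constructed for illustration; the loop compares plain concatenation onto a known path with a check on the canonical path.

```php
<?php
// Hypothetical helper (not WordPress's own code): resolve a user-supplied
// "page" value against a base directory and refuse anything that escapes it.
function resolve_plugin_page(string $baseDir, string $page): ?string
{
    $base = realpath($baseDir);
    if ($base === false || strpos($page, "\0") !== false) {
        return null;
    }
    // realpath() collapses ".." and symlinks; it returns false for missing paths.
    $target = realpath($base . DIRECTORY_SEPARATOR . $page);
    if ($target === false || !is_file($target)) {
        return null;
    }
    // Compare canonical paths with a trailing separator, so a sibling such as
    // "/plugins-other" does not pass as a child of "/plugins".
    if (strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $target;
}

// Constructed sample tree: <tmp>/site/plugins/hello.php and <tmp>/badguy/badscript.php
$root = sys_get_temp_dir() . '/pagecheck_' . bin2hex(random_bytes(4));
mkdir("$root/site/plugins", 0700, true);
mkdir("$root/badguy", 0700, true);
file_put_contents("$root/site/plugins/hello.php", "<?php // plugin page\n");
file_put_contents("$root/badguy/badscript.php", "<?php // file outside the plugin dir\n");

$pluginDir = "$root/site/plugins";
foreach (['hello.php', '../../badguy/badscript.php', 'missing.php'] as $page) {
    // Plain concatenation onto a known path: the OS still honours "..".
    $naive = is_file($pluginDir . '/' . $page) ? 'exists' : 'absent';
    $checked = resolve_plugin_page($pluginDir, $page) === null ? 'rejected' : 'allowed';
    printf("%-28s naive: %-7s checked: %s\n", $page, $naive, $checked);
}

// Remove the constructed sample tree.
unlink("$root/site/plugins/hello.php");
unlink("$root/badguy/badscript.php");
foreach (["$root/site/plugins", "$root/site", "$root/badguy", $root] as $dir) {
    rmdir($dir);
}
```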