[wp-hackers] Security Issue Post in Forums

Michael B miklb.online at gmail.com
Thu Sep 7 17:27:13 GMT 2006


Thanks for all the feedback.  For future reference then, to be sure, I'll
copy any relevant code, delete it from the post, and forward it to security
AT wordpress dot org?

Michael


On 9/7/06, Ryan Boren <ryan at boren.nu> wrote:
>
> Peter Westwood wrote:
> > The source is here:
> > http://www.securityfocus.com/archive/1/445374/30/0/threaded
> >
> > I tried this against my sandbox 2.0.4 install and it didn't do anything.
> >
> > No sign of SQL inject into any of the database queries as examined from
> > the dump produced by Ryans excelent dump_queries plugin [1]
>
> We cast "paged" to an int and then take the absolute value.  We've got
> it covered.
>
> Ryan
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


More information about the wp-hackers mailing list