[wp-hackers] Security Issue Post in Forums
ryan at boren.nu
Thu Sep 7 17:52:56 GMT 2006
> On 9/7/06, Ryan Boren <ryan at boren.nu> wrote:
>> Peter Westwood wrote:
>> > The source is here:
>> > http://www.securityfocus.com/archive/1/445374/30/0/threaded
>> > I tried this against my sandbox 2.0.4 install and it didn't do
>> > No sign of SQL inject into any of the database queries as examined from
>> > the dump produced by Ryans excelent dump_queries plugin 
>> We cast "paged" to an int and then take the absolute value. We've got
>> it covered.
> To make sure I'm clear: That's in 2.0.4 already?
Yes. Nothing to see here.
More information about the wp-hackers