[wp-hackers] FW: [BugTraq] Word Press Sensitive Directory
robin.adr at gmail.com
Fri Mar 9 01:19:02 GMT 2007
What an idiot. Any PHP error does this.
Also, it isn't a security hazard at all (you could guess the directory
structure eventually, anyways) and Trac might have been a better place.
How does SQL tie into that, either?
On 3/8/07, Ross M. W. Bennetts <ross.bennetts at une.edu.au> wrote:
> This (below) looks like nothing, but I'm forwarding it to let people know
> that they are still talking about us on the Symantec SecurityFocus BugTraq
> Ross M. W. Bennetts
> Web Editor
> Information Technology Directorate
> University of New England
> Armidale, Australia.
> -----Original Message-----
> From: r00t2000 at hush.com [mailto:r00t2000 at hush.com]
> Sent: Thursday, 8 March 2007 7:21 PM
> To: bugtraq at securityfocus.com
> Subject: Word Press Sensitive Directory exposure (SQL)
> #Found By: r00t[ati]
> #Web App: Word Press
> #Version(s): unknown
> #Level: low
> #File Name: admin-functions.php
> //SQL EXAMPLE ERROR:
> Fatal error: Call to undefined function __() in
> /usr/local/www/****/data/wp-admin/admin-functions.php on line 1593
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers