[wp-trac] Re: [WordPress Trac] #4627: Link manager exploit?

WordPress Trac wp-trac at lists.automattic.com
Tue Oct 16 02:32:07 GMT 2007


#4627: Link manager exploit?
----------------------+-----------------------------------------------------
 Reporter:  cbdilger  |        Owner:  pishmishy
     Type:  defect    |       Status:  reopened 
 Priority:  normal    |    Milestone:           
Component:  Security  |      Version:  2.2      
 Severity:  normal    |   Resolution:           
 Keywords:            |  
----------------------+-----------------------------------------------------
Comment (by JeremyVisser):

 Lindsay, could you modify {{{link.php}}} so it dumps the contents of
 {{{$_POST}}} to the error log so we can see how the exploit is run?

 Something like...

 {{{
 if ( 'POST' == $_SERVER['REQUEST_TYPE'] ) {
     error_log(print_r($_POST, true));
 }
 }}}

 Then, tomorrow, take a look at your PHP error log.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/4627#comment:7>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list