[wp-hackers] Security Issue Post in Forums
Ryan Boren
ryan at boren.nu
Thu Sep 7 17:19:01 GMT 2006
Peter Westwood wrote:
> The source is here:
> http://www.securityfocus.com/archive/1/445374/30/0/threaded
>
> I tried this against my sandbox 2.0.4 install and it didn't do anything.
>
> No sign of SQL inject into any of the database queries as examined from
> the dump produced by Ryans excelent dump_queries plugin [1]
We cast "paged" to an int and then take the absolute value. We've got
it covered.
Ryan
More information about the wp-hackers
mailing list