[wp-hackers] Security Issue Post in Forums

Ryan Boren ryan at boren.nu
Thu Sep 7 17:52:56 GMT 2006


Handy wrote:
> On 9/7/06, Ryan Boren <ryan at boren.nu> wrote:
>>
>> Peter Westwood wrote:
>> > The source is here:
>> > http://www.securityfocus.com/archive/1/445374/30/0/threaded
>> >
>> > I tried this against my sandbox 2.0.4 install and it didn't do anything.
>> >
>> > No sign of SQL inject into any of the database queries as examined from
>> > the dump produced by Ryan's excellent dump_queries plugin [1]
>>
>> We cast "paged" to an int and then take the absolute value.  We've got
>> it covered.
>>
>>
> To make sure I'm clear:  That's in 2.0.4 already?

Yes.  Nothing to see here.

Ryan
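
The cast-then-absolute-value handling described in the reply above, shown as an added PHP example that is not part of the original message and is not WordPress's own code. The function names, the page size and the page cap are assumptions made for the illustration.

```php
<?php
// Added illustration, not WordPress source. sanitize_paged(), limit_clause(),
// the per-page value and MAX_PAGE are hypothetical names chosen for this example.

const MAX_PAGE = 100000; // assumed upper bound so the offset cannot overflow

// Reduce any request value to a non-negative integer: cast to int, then abs().
function sanitize_paged($raw)
{
    // Arrays (e.g. ?paged[]=x) are not scalar; treat them as "no page given".
    if (!is_scalar($raw)) {
        return 0;
    }
    $n = (int) $raw;           // "3 UNION SELECT 1" becomes 3, "abc" becomes 0
    if ($n === PHP_INT_MIN) {  // abs(PHP_INT_MIN) would become a float
        return 0;
    }
    return min(abs($n), MAX_PAGE);
}

// Build the LIMIT clause from the sanitized page number only, so no part of
// the raw request string ever reaches the SQL text.
function limit_clause($raw_paged, $per_page = 10)
{
    $page   = max(1, sanitize_paged($raw_paged)); // page 0 is treated as page 1
    $offset = ($page - 1) * $per_page;
    return sprintf('LIMIT %d, %d', $offset, $per_page);
}

// Constructed sample inputs, as they might arrive in $_GET['paged'].
$samples = ['2', '-3', '3 UNION SELECT 1', "' OR '1'='1", 'abc', ['x']];
foreach ($samples as $raw) {
    printf("%-22s => %s\n", json_encode($raw), limit_clause($raw));
}
```

Every sample, including the ones carrying SQL fragments, produces a clause made of two integers and nothing else.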

