[wp-hackers] FW: [BugTraq] Word Press Sensitive Directory
exposure (SQL)
Robin Adrianse
robin.adr at gmail.com
Fri Mar 9 01:19:02 GMT 2007
What an idiot. Any PHP error does this.
Also, it isn't a security hazard at all (you could guess the directory
structure eventually, anyways) and Trac might have been a better place.
How does SQL tie into that, either?
On 3/8/07, Ross M. W. Bennetts <ross.bennetts at une.edu.au> wrote:
>
> This (below) looks like nothing, but I'm forwarding it to let people know
> that they are still talking about us on the Symantec SecurityFocus BugTraq
> list.
>
> Ross M. W. Bennetts
> Web Editor
> Information Technology Directorate
> University of New England
> Armidale, Australia.
>
> -----Original Message-----
> From: r00t2000 at hush.com [mailto:r00t2000 at hush.com]
> Sent: Thursday, 8 March 2007 7:21 PM
> To: bugtraq at securityfocus.com
> Subject: Word Press Sensitive Directory exposure (SQL)
>
> #Found By: r00t[ati]
>
> #Web App: Word Press
>
> #Version(s): unknown
>
> #Level: low
>
> #File Name: admin-functions.php
>
> //SQL EXAMPLE ERROR:
>
> Fatal error: Call to undefined function __() in
> /usr/local/www/****/data/wp-admin/admin-functions.php on line 1593
>
>
> Thanks,
>
> r00t
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
More information about the wp-hackers
mailing list