[wp-trac] Re: [WordPress Trac] #9750: setup-config.php is tainted
by request data
WordPress Trac
wp-trac at lists.automattic.com
Fri May 8 08:13:07 GMT 2009
#9750: setup-config.php is tainted by request data
--------------------------+-------------------------------------------------
Reporter: hakre | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8
Component: Security | Version: 2.8
Severity: normal | Keywords: has-patch 2nd-opinion
--------------------------+-------------------------------------------------
Comment(by DD32):
> this is PHP Version 5.2.8 CGI/FastCGI with Virtual Directory Support
enabled. I'm not so shure if this is the cause, i could find this info
about it:
"Virtual Directory Support" is unrelated. I'm running 5.2.6 under Apache 2
on windows, And its fine.
to me, It sounds like a PHP/Web server bug.
However, Still This is a pointless bug to me - So what if you can access
an bad URL by typing in a incorrect link to a automatically-redirected-to
url?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/9750#comment:6>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list