Bugtraq mailing list archives

Re: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability

From: "MustLive" <mustlive () websecurity com ua>
Date: Thu, 23 Jul 2009 21:29:10 +0300

Hello Bugtraq!

Vulnerability "wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion
Vulnerability" is non-working. Because mentioned RFI doesn't exist.

Cru3l.b0y, please, always check all vulnerabilities which you find. As I
already said to author of fake vulnerability in WordPress Plugin Related
Sites 2.1 (http://websecurity.com.ua/3281/), no need to litter security
space in Internet with non-working vulnerabilities.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

Cru3l.b0y (cru3l b0y gmail com)

Hi Dear,
I found a new bug. please publish it.
thank you
best regards
========================================================================
===================

[o] wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion
Vulnerability

Software : WP Super Cache v0.8.3

Vendor : http://wordpress.org/

Download : http://downloads.wordpress.org/plugin/wp-super-cache.0.8.3.zip

Author : Cru3l.b0y

Home : WwW.DeltaHacking.Net

Description : A very fast caching engine for WordPress that produces
static html files.

========================================================================
===================

[o] Vulnerable file

wp-cache-phase1.php

require_once( $plugin );

[o] Exploit

http://localhost/[path]/wp-cache-phase1.php?plugin=shell



!DSPAM:4a68ac2539181554220484!

Current thread:

Re: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability MustLive (Jul 23)