Full Disclosure mailing list archives
Re: WordPress Authenticated File Upload Authorisation Bypass
From: Carlos Alberto Lopez Perez <clopez () igalia com>
Date: Fri, 22 Jun 2012 02:25:18 +0200
On 22/06/12 01:14, Benji wrote:
I hear Trustwave are reporting similar issues, like the fact you can specify remote mysql servers in new installations, amazing right? Do you work for them? Btw, with phpmyadmin you can injection sql commands !!!!!!!
:D that was so funny -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Carlos Alberto Lopez Perez http://neutrino.es Igalia - Free Software Engineering http://www.igalia.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- WordPress Authenticated File Upload Authorisation Bypass Denis Andzakovic (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass PsychoBilly (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass Greg Knaddison (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass Gage Bystrom (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass valdis . kletnieks (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass Hector Marco (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass Denis Andzakovic (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass Benji (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass Carlos Alberto Lopez Perez (Jun 21)
- Re: WordPress Authenticated File Upload Authorisation Bypass Gage Bystrom (Jun 21)