| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Jul 2009 21:29:10 +0300 From: "MustLive" <mustlive@...security.com.ua> To: <bugtraq@...urityfocus.com> Subject: Re: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability Hello Bugtraq! Vulnerability "wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability" is non-working. Because mentioned RFI doesn't exist. Cru3l.b0y, please, always check all vulnerabilities which you find. As I already said to author of fake vulnerability in WordPress Plugin Related Sites 2.1 (http://websecurity.com.ua/3281/), no need to litter security space in Internet with non-working vulnerabilities. Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua > Cru3l.b0y (cru3l b0y gmail com) > > Hi Dear, > I found a new bug. please publish it. > thank you > best regards > ======================================================================== > =================== > > [o] wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion > Vulnerability > > Software : WP Super Cache v0.8.3 > > Vendor : http://wordpress.org/ > > Download : http://downloads.wordpress.org/plugin/wp-super-cache.0.8.3.zip > > Author : Cru3l.b0y > > Home : WwW.DeltaHacking.Net > > Description : A very fast caching engine for WordPress that produces > static html files. > > ======================================================================== > =================== > > [o] Vulnerable file > > wp-cache-phase1.php > > require_once( $plugin ); > > [o] Exploit > > http://localhost/[path]/wp-cache-phase1.php?plugin=shell !DSPAM:4a68ac2539181554220484!
Powered by blists - more mailing lists