| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 Nov 2011 11:41:53 +0000 From: Ryan Dewhurst <ryandewhurst@...il.com> To: "Webappsec ((((E-mail))))" <webappsec@...urityfocus.com> Subject: WordPress All Versions Full Path Disclosure (FPD) Hi, As part of my research on my tool WPScan, I have run the inspathx tool against every version of WordPress released, excluding BETA and MU releases. The result is this tar file which contains a txt file for every version of WordPress and the Full Path Disclosure vulnerabilities which effect them. This data will soon be implemented into my tool WPScan, however, maybe other people have use for this data too. I hope to raise awareness of the problem of Full Path Disclosure (FPD), make people understand that its not just a configuration problem and hopefully preasure vendors into patching these bugs. Tar file containing the logs -> http://ethicalhack3r.co.uk/files/misc/wp_paths.tar WPScan -> http://code.google.com/p/wpscan/ FPD -> https://www.owasp.org/index.php/Full_Path_Disclosure inspathx -> http://code.google.com/p/inspathx/ Thank you, Ryan Ryan Dewhurst blog www.ethicalhack3r.co.uk twitter www.twitter.com/ethicalhack3r projects www.dvwa.co.uk | www.webwordcount.com | code.google.com/p/wpscan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists