lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 14 Jan 2013 19:26:56 +0200
From: "MustLive" <>
To: <>, <>,
	"1337 Exploit DataBase" <>
Subject: IL, XSS, FPD, AoF, DoS,
	AFU vulnerabilities in Daily Edition Mouss theme for WordPress

Hello list!

I want to warn you about multiple vulnerabilities in Daily Edition Mouss 
theme for WordPress.

In 2011 when I wrote about Cross-Site Scripting (WASC-08), Full path 
disclosure (WASC-13), Abuse of Functionality (WASC-42) and Denial of Service 
(WASC-10) vulnerabilities in TimThumb and multiple themes for WordPress 
(, and later also was disclosed Arbitrary 
File Uploading (WASC-31) vulnerability, I've mentioned about Daily Edition 
theme among vulnerable themes for WordPress.

Ashiyane Digital Security Team released advisory about SQL injection 
vulnerability in Daily Edition Mouss theme 
I'll supplement it with new vulnerabilities. It looks like that this is 
Daily Edition from WooThemes (original version under different path at the 
site or modified version of the theme). So besides SQL Injection it also has 
holes from TimThumb and many other vulnerabilities.

These are Information Leakage, Cross-Site Scripting, Full path disclosure, 
Abuse of Functionality, Denial of Service and Arbitrary File Upload 

Affected products:

Vulnerable are all versions of Daily Edition Mouss theme for WordPress (to 
SQLi, IL, XSS, FPD and to AoF, DoS, AFU only earlier versions are 


Information Leakage (SQL DB Structure Extraction) (WASC-13):


Leakage of SQL query with tables' names (including table prefix).

XSS (WASC-08):


Full path disclosure (WASC-13):


Besides index.php there are also potentially FPD in other php-files of this 

XSS (WASC-08):


Full path disclosure (WASC-13):




Abuse of Functionality (WASC-42):

(bypass of restriction on domain, if such restriction is turned on)

DoS (WASC-10):

(bypass of restriction on domain, if such restriction is turned on)

About such Abuse of Functionality and Denial of Service vulnerabilities you 
can read in my article Using of the sites for attacks on other sites 

Arbitrary File Upload (WASC-31):


AoF, DoS, AFU vulnerabilities are not working in last version of the theme 
(where I've tested them). It can be due to protection against AFU hole in 
TimThumb. But they must work in earlier versions of this theme.


2013.01.13 - found vulnerabilities.
2013.01.14 - disclosed to the lists.

Best wishes & regards,
Administrator of Websecurity web site 

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists