Full Disclosure: Re: WordPress Search Function SQL-Injection

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: WordPress Search Function SQL-Injection

From: Biomech <biomech () 2600uk com>
Date: Wed, 28 Feb 2007 12:21:04 +0000

ascii wrote:

Justin Frydman - Thinkweb Media wrote:

Can't replicate this in 2.0.7. Is this only for the 2.1.x branch then?


i have the same feeling

tested on multiple wp instances and can't reproduce on >= 2.0.1 <= 2.0.7

regards, Francesco 'ascii' Ongaro
http://www.ush.it/

Running 2.0.6, I get no effect with the latest Wordpress posts coming 
through SF.
Looks like its a new thing : )

Biomech

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

WordPress Search Function SQL-Injection SaMuschie (Feb 27)
- Re: WordPress Search Function SQL-Injection Justin Frydman - Thinkweb Media (Feb 27)
  - Re: WordPress Search Function SQL-Injection ascii (Feb 27)
    - Re: WordPress Search Function SQL-Injection Biomech (Feb 28)
  - Re: WordPress Search Function SQL-Injection Matthew Flaschen (Feb 27)
- <Possible follow-ups>
- Re: WordPress Search Function SQL-Injection missi (Feb 28)