Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability
From: Henrique Montenegro <typoon () gmail com>
Date: Mon, 21 Jan 2013 08:59:06 -0200

The issue can be seen only when PHP's display_errors is set to On.
I have setup a default installation of wordpress 3.5 to display the issue.
 It can be accessed via the URL: http://blog.gilgalab.com.br/?s[]=1

Regards,

Henrique



On Mon, Jan 21, 2013 at 7:59 AM, Agostino Sarubbo <ago () gentoo org> wrote:

On Monday 21 January 2013 00:11:54 Kurt Seifried wrote:
I can't get this to work anywhere. Does it require a specific theme or
configuration? Do you have details that can aid in reproduction?

I can't reproduce too.
--
Agostino Sarubbo / ago -at- gentoo.org
Gentoo Linux Developer


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]