Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability
From: Milan Berger <m.berger () project-mindstorm net>
Date: Mon, 21 Jan 2013 12:42:31 +0100

Hi,

The issue can be seen only when PHP's display_errors is set to On.
I have setup a default installation of wordpress 3.5 to display the
issue. It can be accessed via the URL:
http://blog.gilgalab.com.br/?s[]=1

this is a configuration error on your side, not on wordpress' one.



-- 
Kind Regards

Milan Berger
Project-Mindstorm Technical Engineer

---
project-mindstorm.net
Fruehlingstrasse 4 
90537 Feucht
Germany

Mob.: +49 176 22 98 76 02

https://www.ghcif.de
http://www.nopaste.info (for sale)
https://www.digital-bit.ch
http://www.project-mindstorm.net


twitter: http://twitter.com/twit4c


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault