[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability

To: "Cru3l.b0y" <cru3l.b0y@xxxxxxxxx>
Subject: Re: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability
From: g30rg3_x <g30rg3x@xxxxxxxxx>
Date: Thu, 23 Jul 2009 10:26:12 -0500

Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
'plugins/' "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . 'plugins/*.php' );
if( is_array( $plugins ) ) {
        foreach ( $plugins as $plugin ) {
        if( is_file( $plugin ) )
                require_once( $plugin );
        }
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@xxxxxxxxx>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x

References:
- wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability
  - From: Cru3l.b0y

Prev by Date: Re: LifeType 1.2.8 Remote File Inclusion Vulnerability
Next by Date: Stored XSS on Communigate Pro 5.2.14 and prior versions
Previous by thread: wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability
Next by thread: Ocean CMS 0.0.2 Remote File Inclusion Vulnerability
Index(es):
- Date
- Thread