|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
08-02-2007, 05:50 AM
|
#1 |
|
Confirmed User
Join Date: May 2004
Location: 4 8 15 16 23 42
Posts: 4,444
|
Wordpress 2.2.1 extremely vulnerabe to XSS - Warning
If you are running wordpress 2.2.1, everybody could inject links, post, delete stuff, this exploit basically gives full admin rights !
http://mybeni.rootzilla.de/mybeNi/20...rst_blog_worm/ Pay attention to "7.", that's what you have to worry about, the attack needs no authentication at all and your blog can be hijacked in a minute. |
|
|
|
08-02-2007, 05:54 AM
|
#2 |
|
Confirmed User
Join Date: Jun 2007
Posts: 112
|
thanks for the heads up
|
|
|
|
|
08-02-2007, 06:07 AM
|
#3 |
|
Adult Content Provider
Industry Role:
Join Date: May 2005
Location: Europe
Posts: 18,243
|
Thank you.
|
|
|
|
|
08-02-2007, 06:31 AM
|
#4 |
|
Confirmed User
Industry Role:
Join Date: Aug 2002
Location: Qc
Posts: 3,006
|
Thanks man!
__________________
rssEVOLUTION : Produce a FULL website with ANY RSS feed(s) in seconds. contentSOLUTION : Allowing you to automatically grab articles from article directories, import as many text files as you want at once, grab ANY content from ANY RSS feed, and scrape search engines, instantly. |
|
|
|
|
08-02-2007, 06:34 AM
|
#5 |
|
Confirmed User
Join Date: Oct 2001
Location: BMore, MD
Posts: 588
|
Good heads up.. Thanks!
B- |
|
|
|
|
08-02-2007, 06:59 AM
|
#6 |
|
Confirmed User
Join Date: May 2007
Posts: 3,119
|
nice info!. thanks
__________________
OnProbation Links Directory | OnProbation Design Services | OnProbation Cash |
|
|
|
|
08-02-2007, 07:31 AM
|
#7 |
|
Damn Right I Kiss Ass!
Industry Role:
Join Date: Dec 2003
Location: Cowtown, USA
Posts: 32,409
|
I have not found any machines yet that this #7 exploit works on.
|
|
|
|
|
08-02-2007, 12:38 PM
|
#8 |
|
Beer Money Baron
Industry Role:
Join Date: Jan 2001
Location: brujah / gmail
Posts: 22,157
|
Did you install the "worm" he created to fix your broken blogs?
__________________
|
|
|
|
