Overview:
Quoted from http://www.wordpress.org:
"WordPress is a state-of-the-art publishing platform with a focus
on aesthetics, web standards, and usability. WordPress is both
free and priceless at the same time."
During research on MySQL column truncation vulnerabilities, it was
discovered that the user registration system of WordPress is not
protected against this kind of attack. Further research then
1. Summary
Quoting from http://wordpress.org/:
WordPress is a state-of-the-art semantic personal publishing platform
with a focus on aesthetics, web standards, and usability.
What a mouthful. WordPress is both free and priceless at the same time.
It was found that the search function provided within WordPress fails to
sanitize input correctly for different character sets. So if WordPress tries
to query the MySQL database using certain specific character sets, WordPress
Target software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
WordPress is a state-of-the-art semantic personal publishing platform
with a focus on aesthetics, web standards, and usability.
To run WordPress your host just needs a couple of things:
PHP version 4.2 or greater
MySQL version 4.0 or greater
From the website: http://www.mozilla.org/projects/minimo/
Minimo uses Mozilla Technologies to produce a highly usable web browser
for advanced mobile devices. Features include:
* Fast access to your mobile content via Homebase start page
* Best support for modern web standards (JavaScript and AJAX).
* Social Bookmarking
* Tab browsing
* RSS Support
* Proven security (TLS, SSL3)
* International support
-------------------------
WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
II. BACKGROUND
-------------------------
WordPress is a state-of-the-art publishing platform with a focus on aesthetics, web standards,
and usability. WordPress is both free and priceless at the same time. More simply, WordPress is
what you use when you want to work with your blogging software, not fight it.
III. DESCRIPTION
-------------------------