Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: Wordpress Exploit

  1. #11
    This is what my blog looks like:

    $charset = $_POST['charset'];

    if(strlen($charset) > 50)
    die;

    // These three are stripslashed here so that they can be properly escaped after

    Quote Originally Posted by Snak3 View Post
    @nux
    can you show where exactly in wp-trackback.php have we to paste the following code as mentioned by you in your blog post :
    Code:
    if(strlen($charset) > 50)
    die;
    I understand line 47 but to be precise
    I mean, before what and after what piece of code should it come/appear.
    Submit Your Proxies @ NewProxySites.com

  2. Should we just remove the trackback.php file from the wordpress folder? Or rename it so its not usable until a full patch is released?

  3. #13
    The code I showed you will fix the problem. I've tested it myself.
    Submit Your Proxies @ NewProxySites.com

  4. #14
    Quote Originally Posted by nux View Post
    This is what my blog looks like:

    $charset = $_POST['charset'];

    if(strlen($charset) > 50)
    die;

    // These three are stripslashed here so that they can be properly escaped after
    Thnx a bunch, done on my WP blog

  5. #15
    Wordpress has released an update, 2.8.5 which fixes this issue.
    Submit Your Proxies @ NewProxySites.com

  6. just download and installed 2.8.5

    Thanks for the heads up

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Replies: 19
    Last Post: 9 July, 2011, 06:44 AM
  2. Replies: 0
    Last Post: 1 December, 2009, 16:30 PM
  3. Fix Proxy Listing Exploit
    By chetan in forum Web Proxies
    Replies: 24
    Last Post: 25 September, 2009, 18:34 PM
  4. iPhone Exploit Exposed at Black Hat
    By m42 in forum Tech-Talk
    Replies: 5
    Last Post: 1 August, 2009, 12:03 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •