• root

    • 0day Remote Code Execution exploits for Wordpress 1.5.1.3

    Posted by toxicle on 12th August 2005 in Hacks, Security, Wordpress

    Wordpress 1.5.1.3 users. Please take note. A few 0day exploits are floating around here, here and here.

    There is a remote code execution vulnerability found on Wordpress 1.5.1.3. A Wordpress update should be on the way. For the time being, turn off register_globals.

    I just added
    php_flag register_globals off
    into my .htaccess file on my www root directory.

    Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
    • Digg
    • del.icio.us
    • StumbleUpon
    • Spurl
    • Furl
    • Reddit
    • Netvouz
    • BlinkList
    • co.mments
    • Fark
    • Ma.gnolia
    • Netscape
    • NewsVine
    • Shadows
    • Simpy
    • Slashdot
    • Smarking
    • TailRank
    • Technorati
    • YahooMyWeb
    • blinkbits
    • blogmarks

    Probably Related


    2 Comments so far

    1. Kris Khaira on August 13th, 2005

      Thanks, patched it on my sites running Wordpress.

    2. Niresh on August 13th, 2005

      Luckily mine are turned off by default.. I guess :)

    Leave a reply