|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : SecurityAlert | ||||
 SecurityAlert : 1187 CVE : CVE-2006-3390 CVE : CVE-2006-3389 SecurityRisk : Medium  (About) Remote Exploit : Yes Local Exploit : No Exploit Given : Yes Credit : xzerox linuxmail org Published : 08.07.2006
Advisory Text : Dnia 02-07-2006, nie o godzinie 09:15 +0000, xzerox (at) linuxmail (dot) org [email concealed] napisaÅ?(a): > Example: > > http://localhost/wordpress/index.php?paged=-1 > > Result: > > WordPress database error: [Erreur de syntaxe pr?s de '-20, 10' ? la ligne 1] > SELECT DISTINCT * FROM wp_posts WHERE 1=1 AND post_date_gmt <= '2006-06-29 12:46:59' AND (post_status = "publish") AND post_status != "attachment" GROUP BY wp_posts.ID ORDER BY post_date DESC LIMIT -20, 10 Put this line somewhere in the wp-settings.php file (for example at the end of the code before the do_action(init) call): $wpdb->hide_errors(); > > ~ Full path ~ > > /wp-settings.php > /wp-admin/admin-footer.php > /wp-admin/admin-functions.php > /wp-admin/edit-form.php in line 60 of wp-settings.php change to: error_reporting(0); Now the World is safe. -- js Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
*BSD libc (strfmon) Multiple vulnerabilities
Maksymilian Arciemowicz discovered a Integer Overflow vulnerability in the libc library "strfmon()" function.A vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected *BSD systems. |
||
| Apache |  |
|
» Apache (mod_status) |
||
» Apache (mod_proxy_ftp) |
||
| PHP | |
|
» PHP 5.2.5 and prior : |
||
- 2008-03-25| Copyright © SecurityReason. All Rights Reserved. |