|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 1187 CVE : CVE-2006-3390 CVE : CVE-2006-3389 SecurityRisk : Medium  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : xzerox linuxmail org Published : 08.07.2006
Advisory Content : Dnia 02-07-2006, nie o godzinie 09:15 +0000, xzerox (at) linuxmail (dot) org [email concealed] napisaÅ?(a): > Example: > > http://localhost/wordpress/index.php?paged=-1 > > Result: > > WordPress database error: [Erreur de syntaxe pr?s de '-20, 10' ? la ligne 1] > SELECT DISTINCT * FROM wp_posts WHERE 1=1 AND post_date_gmt <= '2006-06-29 12:46:59' AND (post_status = "publish") AND post_status != "attachment" GROUP BY wp_posts.ID ORDER BY post_date DESC LIMIT -20, 10 Put this line somewhere in the wp-settings.php file (for example at the end of the code before the do_action(init) call): $wpdb->hide_errors(); > > ~ Full path ~ > > /wp-settings.php > /wp-admin/admin-footer.php > /wp-admin/admin-functions.php > /wp-admin/edit-form.php in line 60 of wp-settings.php change to: error_reporting(0); Now the World is safe. -- js  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |