BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability Jan 16 2013 09:41AM
Paolo Perego (thesp0nge gmail com)
Beni, looking at the source code, filename_1 is referenced only in
gllr_plugin_install and its value is hardcoded and not taken from the
request.

Are you sure it's filename_1 the parameter affected?

Paolo

On 11 January 2013 10:06, Henri Salo <henri (at) nerv (dot) fi [email concealed]> wrote:
> On Thu, Jan 10, 2013 at 01:01:...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus