Full Disclosure mailing list archives
WordPress All Versions Full Path Disclosure (FPD)
From: Ryan Dewhurst <ryandewhurst () gmail com>
Date: Tue, 8 Nov 2011 11:41:53 +0000
Hi, As part of my research on my tool WPScan, I have run the inspathx tool against every version of WordPress released, excluding BETA and MU releases. The result is this tar file which contains a txt file for every version of WordPress and the Full Path Disclosure vulnerabilities which effect them. This data will soon be implemented into my tool WPScan, however, maybe other people have use for this data too. I hope to raise awareness of the problem of Full Path Disclosure (FPD), make people understand that its not just a configuration problem and hopefully preasure vendors into patching these bugs. Tar file containing the logs -> http://ethicalhack3r.co.uk/files/misc/wp_paths.tar WPScan -> http://code.google.com/p/wpscan/ FPD -> https://www.owasp.org/index.php/Full_Path_Disclosure inspathx -> http://code.google.com/p/inspathx/ Thank you, Ryan Ryan Dewhurst blog www.ethicalhack3r.co.uk twitter www.twitter.com/ethicalhack3r projects www.dvwa.co.uk | www.webwordcount.com | code.google.com/p/wpscan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- WordPress All Versions Full Path Disclosure (FPD) Ryan Dewhurst (Nov 08)