Full Disclosure mailing list archives
Re: WordPress User Account Information Leak / Secunia Advisory SA23621
From: Maksymilian <max () cert cx>
Date: Fri, 5 Jul 2013 14:46:41 +0200
2013/7/5 adam <adam () papsy net>
Why wouldn't they simply offer it as a feature in future versions, even if they left it disabled? It's clearly doing harm by not being an option, and would do what exactly for it to be an option? Waste 3 minutes of a developer's time?
CWE-204 for WordPress and Drupal? http://cwe.mitre.org/data/definitions/204.html CVE request? Similar vulnerabilities with CVE http://cxsecurity.com/cveshow/CVE-2005-1650 http://cxsecurity.com/cveshow/CVE-2004-0294 Maksymilian A http://cxsecurity.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Maksymilian (Jul 05)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Dan Ballance (Jul 05)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 adam (Jul 05)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Dan Ballance (Jul 05)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Alex (Jul 08)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Ryan Dewhurst (Jul 08)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Dan Ballance (Jul 08)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 adam (Jul 05)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Maksymilian (Jul 05)
- Re: WordPress User Account Information Leak / Secunia Advisory SA23621 Dan Ballance (Jul 05)