[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Pligg 0.9/1.x remote code execution
- To: BlackHawk <hawkgotyou@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Pligg 0.9/1.x remote code execution
- From: Henri Salo <henri@xxxxxxx>
- Date: Sat, 28 Jul 2012 15:05:27 +0300
On Sat, Jul 21, 2012 at 06:34:46PM +0200, BlackHawk wrote:
> Exploit attached, info inside. 2.0 versions could still be affected
>
> http://pastebin.com/MSXFSvzA
Do you know if these issues have been fixed in some version of Pligg and if
these have CVE-identifiers? I tried to ask this from forum.pligg.com, but my
post was removed.
- Henri Salo
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/