Archive for July, 2009

2

WordPress Plugin DM Albums 1.9.2 vulnerabilities

Posted by DK
July 1, 2009

DM Albums™ is an inline photo album/gallery plugin that displays high quality images and thumbnails perfectly sized to your blog.
Two vulnerabilities have been made public:
1. Stack released  a “remote file disclosure vulnerability” (Low-Medium Risk Level)
2. Septemb0x released a “remote file include vulnerability” (Critical Risk Level)
An attacker could use these vulnerabilities to potentially gain full access [...]

3

WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability

Posted by DK
July 1, 2009

A critical vulnerability has been discovered in the WordPress Plugin Related Sites plugin. An exploit is available in the wild and available on Milw0rm, making this attack easier to exploit.
Although, the vulnerability says that version 2.1 is vulnerable. You should assume previous versions are vulnerable as well.
BlogSec have confirmed that the current version (at the [...]