wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability

--001485f6cd06d5d30b046f5752d7
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hi Dear,
I found a new bug. please publish it.
thank you
best regards

--001485f6cd06d5d30b046f5752d7
Content-Type: text/plain; charset=US-ASCII; name="WP Super Cache v0.8.3.txt"
Content-Disposition: attachment; filename="WP Super Cache v0.8.3.txt"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_cyx3po9s0

PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0KDQoNCiAgW29dIHdvcmRwcmVzcyBw
bHVnaW5zIFdQIFN1cGVyIENhY2hlIHYwLjguMyBSZW1vdGUgRmlsZSBJbmNsdXNpb24gVnVsbmVy
YWJpbGl0eQ0KDQogICAgICAgU29mdHdhcmUgICAgIDogIFdQIFN1cGVyIENhY2hlIHYwLjguMw0K
ICAgICAgIFZlbmRvciAgICAgICA6ICBodHRwOi8vd29yZHByZXNzLm9yZy8NCiAgICAgICBEb3du
bG9hZCAgICAgOiAgaHR0cDovL2Rvd25sb2Fkcy53b3JkcHJlc3Mub3JnL3BsdWdpbi93cC1zdXBl
ci1jYWNoZS4wLjguMy56aXANCiAgICAgICBBdXRob3IgICAgICAgOiAgQ3J1M2wuYjB5DQogICAg
ICAgSG9tZSAgICAgICAgIDogIFd3Vy5EZWx0YUhhY2tpbmcuTmV0DQogICAgICAgRGVzY3JpcHRp
b24gIDogIEEgdmVyeSBmYXN0IGNhY2hpbmcgZW5naW5lIGZvciBXb3JkUHJlc3MgdGhhdCBwcm9k
dWNlcyBzdGF0aWMgaHRtbCBmaWxlcy4NCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT0NCg0KICBbb10gVnVsbmVyYWJsZSBmaWxlDQoNCiAgICAgICAgIHdwLWNhY2hlLXBoYXNlMS5w
aHANCg0KCSAgICAgICAgcmVxdWlyZV9vbmNlKCAkcGx1Z2luICk7DQoJDQoJDQogIFtvXSBFeHBs
b2l0DQoNCiAgICAgICAgICAgIGh0dHA6Ly9sb2NhbGhvc3QvW3BhdGhdL3dwLWNhY2hlLXBoYXNl
MS5waHA/cGx1Z2luPXNoZWxsDQoJICAgDQo=
--001485f6cd06d5d30b046f5752d7--


Replies to this exploit:

From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x


From: g30rg3_x g30rg3x@gmail.com
Sent: Thu 23. Jul 2009 10:26
Hi Cru3l.b0y,

$plugin came from $plugins array which is filled by the glob function
which find all " *.php " files that reside under " WPCACHEHOME .
plugins/ "...
Snippet Code from wp-cache-phase1.php at version 0.8.3:
$plugins = glob( WPCACHEHOME . plugins/*.php );
if( is_array( $plugins ) ) {
	foreach ( $plugins as $plugin ) {
	if( is_file( $plugin ) )
		require_once( $plugin );
	}
}

Therefore there is no exploitable security vulnerability.

Regards
PS: Version 0.8.3 is too old, next time try the latest stable version
(0.9.5 at the moment).

2009/7/22 Cru3l.b0y <cru3l.b0y@gmail.com>:
> Hi Dear,
> I found a new bug. please publish it.
> thank you
> best regards
>
_________________________
             g30rg3_x