Notice (8): file_put_contents(): Write of 274 bytes failed with errno=28 No space left on device [CORE/src/Log/Engine/FileLog.php, line 140]

Notice: file_put_contents() [function.file-put-contents]: Write of 1108 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Notice (8): unserialize() [<a href='https://secure.php.net/function.unserialize'>function.unserialize</a>]: Error at offset 4079 of 4085 bytes [APP/Controller/NewsController.php, line 5571]

Notice: file_put_contents() [function.file-put-contents]: Write of 2757 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Warning (2): Undefined array key "nsort" [APP/Controller/NewsController.php, line 3613]

Notice: file_put_contents() [function.file-put-contents]: Write of 2073 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Warning (2): Trying to access array offset on value of type null [APP/Controller/NewsController.php, line 3613]

Notice: file_put_contents() [function.file-put-contents]: Write of 2097 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Warning (2): Undefined array key "nsort" [APP/Controller/NewsController.php, line 3613]

Notice: file_put_contents() [function.file-put-contents]: Write of 2073 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Warning (2): Trying to access array offset on value of type null [APP/Controller/NewsController.php, line 3613]

Notice: file_put_contents() [function.file-put-contents]: Write of 2097 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Notice (8): unserialize() [<a href='https://secure.php.net/function.unserialize'>function.unserialize</a>]: Error at offset 4067 of 4085 bytes [APP/Controller/NewsController.php, line 5571]

Notice: file_put_contents() [function.file-put-contents]: Write of 2487 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
注意!WordPress默认主题存在跨站攻击漏洞 - 站长搜索
首页 > 资讯列表 > 科技资讯 >>

注意!WordPress默认主题存在跨站攻击漏洞

Warning (2): Undefined array key "nsort" [ROOT/plugins/Kuhuang/templates/Websites/view.php, line 430]
Notice: file_put_contents() [function.file-put-contents]: Write of 2421 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Warning (2): Trying to access array offset on value of type null [ROOT/plugins/Kuhuang/templates/Websites/view.php, line 430]

Notice: file_put_contents() [function.file-put-contents]: Write of 2445 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
">
Warning (2): Undefined array key "nsort" [ROOT/plugins/Kuhuang/templates/Websites/view.php, line 430]

Notice: file_put_contents() [function.file-put-contents]: Write of 2421 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
Warning (2): Trying to access array offset on value of type null [ROOT/plugins/Kuhuang/templates/Websites/view.php, line 430]

Notice: file_put_contents() [function.file-put-contents]: Write of 2445 bytes failed with errno=28 No space left on device in /www/wwwroot/www.adminso.com/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 140
2015-05-07 18:09:05 转载来源: 网络整理/侵权必删

根据外媒arstechnica援引国外安全研究机构sucuri.net的报告称,WordPress的默认主题TwentyFourteen存在跨站攻击漏洞。此漏洞允许攻击者使用该主题内置的一个ico图标生成文件(genericons)来进行攻击,研究机构称,漏洞来自此ico图标生成文件,所以任何应用了此功能的主题或者插件都受到了影响,目前已知的有默认主题TwentyFourteen和插件jetpack(安装次数超过100万)受此影响

根据外媒arstechnica援引国外安全研究机构sucuri.net的报告称,WordPress默认主题TwentyFourteen存在跨站攻击漏洞。此漏洞允许攻击者使用该主题内置的一个ico图标生成文件(genericons)来进行攻击,研究机构称,漏洞来自此ico图标生成文件,所以任何应用了此功能的主题或者插件都受到了影响,目前已知的有默认主题TwentyFourteen和插件jetpack(安装次数超过100万)受此影响。

▲ 漏洞文件

该漏洞的验证地址如下:

安全人员建议开启网站防火墙的WAF攻击防御措施来抵御此攻击。当然彻底修复该漏洞的方法也很简单,直接删除目录genericons即可避免。

▲ 漏洞演示

目前GoDaddy等主机商和公司已经主动修复该漏洞,但截至发稿前从官方网站下载的最新版WordPress4.2.1依然存在此目录和漏洞。

标签: 注意 WordPress 默认 主题 存在 跨站 攻击 漏洞


声明:本文内容来源自网络,文字、图片等素材版权属于原作者,平台转载素材出于传递更多信息,文章内容仅供参考与学习,切勿作为商业目的使用。如果侵害了您的合法权益,请您及时与我们联系,我们会在第一时间进行处理!我们尊重版权,也致力于保护版权,站搜网感谢您的分享!

站长搜索

http://www.adminso.com

Copyright @ 2007~2025 All Rights Reserved.

Powered By 站长搜索

打开手机扫描上面的二维码打开手机版


使用手机软件扫描微信二维码

关注我们可获取更多热点资讯

站长搜索目录系统技术支持