Support » Plugin: WordPress Firewall 2 » [Plugin: WordPress Firewall 2] False positive or real Directory Traversal Attack?

  • I received this warning from the plugin several times last night, in the format of:
    thumb.php?img=../../../../../../../../../../../../../../../../../../../etc/passwd%00

    Is this a real attempted attack? Perhaps trying to see if there’s a timthumb-style exploit to be had?
    I want to make sure it’s not a false positive and if it’s real, I’m curious as to what they are trying to do.

    Many thanks for the awesome plugin!

    http://wordpress.org/extend/plugins/wordpress-firewall-2/

  • The topic ‘[Plugin: WordPress Firewall 2] False positive or real Directory Traversal Attack?’ is closed to new replies.