WordPress Plugin Simple Gmail Login - Stack Trace Information Disclosure

EDB-ID:

38111

CVE:

2012-6313

EDB Verified:

Author:

Aditya Balapure

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2012-12-07

Vulnerable App:

source: https://www.securityfocus.com/bid/56860/info

The Simple Gmail Login plugin for Wordpress is prone to an information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

Simple Gmail Login 1.1.3 and prior are vulnerable.

Fatal error: Uncaught exception 'Exception' with message
'DateTimeZone::__construct() [<a
href='datetimezone.--construct'>datetimezone.--construct</a>]: Unknown or bad timezone ()' in
C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php:229
Stack trace: #0
C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php(229): 
DateTimeZone->__construct('') #1
C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php(210): 
SimpleGmail_Plugin->log('Plugin activate...', false) #2 [internal
function]: SimpleGmail_Plugin->activate('') #3
C:\xampp\htdocs\wordpress\wp-includes\plugin.php(403): 
call_user_func_array(Array, Array) #4
C:\xampp\htdocs\wordpress\wp-admin\plugins.php(157): 
do_action('activate_simple...') #5 {main} thrown in C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php
on line 229

Tags: WordPress Plugin

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services