With this security vulnerability, your admin password can be reset if your wordpress version <=2.8.3.  For more information about exploit visit: http://www.milw0rm.com/exploits/9410 Solution: open wp-login.php Find this line if ( empty( $key ) ) and change with this: if ( empty( $key ) || is_array( $key ) ) or patch: http://wordpress.org/development/2009/08/2-8-4-security-release/ Related posts Mysql password … Read more →

It is very important to check your data that you take with $_GET before use. You can use $_Get in some cases , in each case there are some different measures to be taken. For example if you use sth like that if(isset($_GET[ex])) include($_GET[ex]); If you use this codes, bad users can include any page … Read more →