Hello, I find it extremely hard to call this a wget vulnerability when SO many other things are wrong with that 'vulnerable code' implementation it isn't even funny:
1. The image_importer.php script takes a single argument, so why would it download with the recursive switch turned on? Isn't that clearly a bug in the php script? Has a php script like this that downloads all files from a website of a particular extension ever been observed in the wild?

2. A *well* configured server would have a whitelist of .php files it will execute, making it immune to this. A *decently* configured server would always at a minimum make sure they don't execute code in directories with user provided uploads in them. So it's additionally a bug in the server configuration. (Incidentally, every php package I've downloaded has at minimum a .htaccess in upload directories to prevent this kind of thing with Apache.)

It seems to me like there have always been plenty of ways to shoot yourself in the foot with PHP, and this is just another iteration on a theme.

Just my 2 cents,
Thanks!
