[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-0194

Date: (C)2008-01-09   (M)2015-12-16
 
CVSS Score: 7.5Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.

Reference:
http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
SECUNIA-29014
SREASON-3539
DSA-1502
http://securityvulns.ru/Sdocument755.html
http://websecurity.com.ua/1676/

CWE    1
CWE-22
OVAL    1
oval:org.mitre.oval:def:8110

© 2013 SecPod Technologies