NuytsTech Security

CVE-2006-4208

by ·

Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php.

Date published : 2006-08-17

http://www.securityfocus.com/bid/19504

http://www.securityfocus.com/archive/1/443181/100/0/threaded

Tags: