CVE-2006-5705 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-5705
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5705

Description: Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request.

CVE Status: Candidate

References: SAID Secunia Advisory: SA22683 Secunia Advisory: SA22942 OPENPKG http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html GENTOO http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=153303 http://trac.wordpress.org/changeset/4226 http://wordpress.org/development/2006/10/205-ronan/ http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/ BID 20869

Return to the previous page.