Secunia Logo  


Secunia PSI WorldMap
 
CVE Reference: CVE-2006-5705
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-5705

Description:
Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA22683
  Secunia Advisory: SA22942

OPENPKG
  http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml

CONFIRM
  http://bugs.gentoo.org/show_bug.cgi?id=153303
  http://trac.wordpress.org/changeset/4226
  http://wordpress.org/development/2006/10/205-ronan/
  http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/

BID
  20869


Return to the previous page.