ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.0.3 - Directory Traversal

Product
WordPress
Description
Because of this vulnerability in wp-db-backup.php, the attackers can read arbitrary files, delete arbitrary files, and cause a denial of service in the "backup" parameter.
Solution
Update WordPress.
Classification
Type Information Disclosure
References
CVE Mitre
CVE
Name CVE-2008-0194
Versions
Affected In <= 2.0.3
Fixed In 2.0.4
Disclosure date
2008-01-09
Credits
John