WordPress <= 2.0.3 - Directory Traversal

Back

Product: WordPress
Description: Because of this vulnerability in wp-db-backup.php, the attackers can read arbitrary files, delete arbitrary files, and cause a denial of service in the "backup" parameter.
Solution: Update WordPress.
Classification: Type Information Disclosure
References: CVE Mitre
CVE: Name CVE-2008-0194
Versions: Affected In <= 2.0.3
Fixed In 2.0.4
Disclosure date: 2008-01-09
Credits: John

ThreatPress