ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.0.3 - Full Path Disclosure

Product
WordPress
Description
Because of this vulnerabilitity, attackers can obtain the installation path via a direct request to various files (for the example, wp-includes directories, wp-content, and wp-admin).
Solution
Update the WordPress to the latest available version (at least 2.0.4).
Classification
Type Full path disclosure (FPD)
References
CVE Mitre
CVE
Name CVE-2006-3390
Versions
Affected In <= 2.0.3
Fixed In 2.0.4
Disclosure date
2006-07-06
Credits
Zero
Submitter
ThreatPress