Directory Traversal Vulnerability in Skippy WP-DB-Backup Plugin for WordPress
CVE-2006-4208

Currently unrated

Key Information:

Vendor

Wordpress

Vendor
CVE Published:
17 August 2006

What is CVE-2006-4208?

A directory traversal vulnerability exists in the wp-db-backup.php script of the Skippy WP-DB-Backup plugin for WordPress versions 1.7 and earlier. This flaw allows an attacker with administrative privileges to exploit the backup parameter to read arbitrary files from the server by manipulating the file path through the use of '..' sequences. This can lead to unauthorized access to sensitive information stored on the server, potentially compromising the security of the entire system.

References

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.