Directory Traversal Vulnerability in Skippy WP-DB-Backup Plugin for WordPress
CVE-2006-4208

Currently unrated

Key Information:

Vendor

Wordpress
Status
WP-db Backup Plugin For WordPress
Vendor
CVE Published:
17 August 2006

What is CVE-2006-4208?

A directory traversal vulnerability exists in the wp-db-backup.php script of the Skippy WP-DB-Backup plugin for WordPress versions 1.7 and earlier. This flaw allows an attacker with administrative privileges to exploit the backup parameter to read arbitrary files from the server by manipulating the file path through the use of '..' sequences. This can lead to unauthorized access to sensitive information stored on the server, potentially compromising the security of the entire system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/21486
third-party-advisoryx_refsource_SECUNIA
http://trac.wordpress.org/changeset/4095
x_refsource_CONFIRM
http://www.skippy.net/blog/category/wordpress/plugins/wp-...
x_refsource_CONFIRM

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.