Directory Traversal Vulnerability in Skippy WP-DB-Backup Plugin for WordPress
CVE-2006-4208
Currently unrated
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 17 August 2006
What is CVE-2006-4208?
A directory traversal vulnerability exists in the wp-db-backup.php script of the Skippy WP-DB-Backup plugin for WordPress versions 1.7 and earlier. This flaw allows an attacker with administrative privileges to exploit the backup parameter to read arbitrary files from the server by manipulating the file path through the use of '..' sequences. This can lead to unauthorized access to sensitive information stored on the server, potentially compromising the security of the entire system.