264 matches found
GLSA-200611-10 : WordPress: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200611-10 WordPress: Multiple vulnerabilities 'random' discovered that users can enter serialized objects as strings in their profiles that will be harmful when unserialized. 'adapter' found out that user-edit.php fails to...
DEBIAN-CVE-2006-5705
Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the 1 backup and 2 fragment parameters in a GET request...
CVE-2006-4208
Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. dot dot in the backup parameter to edit.php...
CVE-2006-4208
CVE-2006-4208 describes a directory traversal in the Skippy WP-DB-Backup WordPress plugin (versions 1.7 and earlier). The flaw exists in wp-db-backup.php where an authenticated user with administrative privileges can read arbitrary files by supplying a ".." in the backup parameter to edit.php. Th...