DEBIAN-CVE-2005-4463
WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to 1 wp-includes/vars.php, 2 wp-content/plugins/hello.php, 3 wp-admin/upgrade-functions.php, 4 wp-admin/edit-form.php, 5 wp-settings.php, and 6 wp-admin/edit-form-comment.php, which leaks the path ...