3 matches found
Directory traversal
WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 default-filters.php, 2 template-loader.php, 3 rss-functions.php, 4 locale.php, 5 wp-db.php, and 6 kses.php in the wp-includes/ directory; and 7 edit-form-advanced.php, 8...
CVE-2005-1688
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in 1 wp-content/themes/, 2 wp-includes/, or 3 wp-admin/, which reveal the path in an error message...
CVE-2005-1688
CVE-2006-0986 affects WordPress 2.0.1 and earlier. The vulnerability allows remote attackers to obtain sensitive information by requesting specific files in wp-includes/ and wp-admin/ (e.g., default-filters.php, template-loader.php, rss-functions.php, locale.php, wp-db.php, kses.php; edit-form-ad...