WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)

A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter. id: CVE-2011-1669 info: name: WP Custom Pages 0.5.0.1 - Local File Inclusion LFI...

EUVD-2011-1669

Malware in sbrugna...

CVE-2011-1669

Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter...

Directory traversal

Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter...

CVE-2011-1669

The CVE-2011-1669 entry corresponds to a directory traversal (Local File Inclusion) vulnerability in the WordPress WP Custom Pages plugin, affecting version 0.5.0.1. According to connected sources, the flaw resides in wp-download.php and allows remote attackers to read arbitrary server files by s...