12 matches found
EUVD-2014-1142
Malware in sbrugna...
CVE-2014-10076
The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack...
CVE-2014-10076
CVE-2014-10076 affects the WordPress plugin WP-DB-Backup (v2.2.4). The vulnerability arises because access control relies on a five-character string, enabling remote attackers to read backup archives via brute-force. Documents consistently describe this as a credential/authorization weakness allo...
DEBIAN-CVE-2008-0193
Cross-site scripting XSS vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php...
DEBIAN-CVE-2006-5705
Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the 1 backup and 2 fragment parameters in a GET request...
wordpressTraverse.txt
Hi all, Software: WP-DB Backup Plugin for Wordpress Homepage: http://www.skippy.net/blog/category/wordpress/plugins/wp-db-backup/ Description: WP-DB Backup is vulnerable to directory traversal attack. You must have administrator rights in the wordpress blog to exploit this vulnerability. PoC:...
CVE-2006-4208
Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. dot dot in the backup parameter to edit.php...
CVE-2006-4208
Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. dot dot in the backup parameter to edit.php...
CVE-2006-4208
Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. dot dot in the backup parameter to edit.php...
CVE-2006-4208
Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. dot dot in the backup parameter to edit.php...
CVE-2006-4208
CVE-2006-4208 describes a directory traversal in the Skippy WP-DB-Backup WordPress plugin (versions 1.7 and earlier). The flaw exists in wp-db-backup.php where an authenticated user with administrative privileges can read arbitrary files by supplying a ".." in the backup parameter to edit.php. Th...
WordPress Plugin WP-DB Backup 1.61.7 - edit.php Directory Traversal
WordPress Plugin WP-DB Backup 1.61.7 - edit.php Directory Traversal source: https://www.securityfocus.com/bid/19504/info WP-DB Backup For Wordpress is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability...