Description
Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.
Remediation
References
Related Vulnerabilities
PostgreSQL Out-of-bounds Write Vulnerability (CVE-2015-0242)
Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)
WordPress Plugin Premium Blocks for Gutenberg Unspecified Vulnerability (1.7.4)
Coppermine Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7186)
WordPress Plugin Simple Job Board Directory Traversal (2.9.3)