CVE-2006-4208

EPSS 27.2%

Published: 8/17/2006Modified: 5/27/2026

Description

Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php.

Affected packages (1)

Debian/wordpressfrom 0, < 2.0.5-0.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-4208