CVE-2008-0194

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
10/01/2008
Last modified:
09/04/2025

Description

Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* 2.0.3 (including)