Lucene search

K

[email protected]NVD:CVE-2006-5705

HistoryNov 04, 2006 - 1:07 a.m.

CVE-2006-5705

2006-11-0401:07:00

[email protected]

web.nvd.nist.gov

5

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

71.6%

Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request.

Affected configurations

Nvd

Node

wordpresswordpressRange≤2.0.4

OR

wordpresswordpressMatch2.0.2

OR

wordpresswordpressMatch2.0.3

References

bugs.gentoo.org/show_bug.cgi?id=153303

markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/

secunia.com/advisories/22683

secunia.com/advisories/22942

trac.wordpress.org/changeset/4226

wordpress.org/development/2006/10/205-ronan/

www.gentoo.org/security/en/glsa/glsa-200611-10.xml

www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html

www.securityfocus.com/bid/20869

www.vupen.com/english/advisories/2006/4307

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

71.6%

Related for NVD:CVE-2006-5705

openvas2 nessus1 securityvulns1 cvelist2 cve2 gentoo1 ubuntucve2 patchstack1 debiancve2 prion1 nvd1