
WP-DB Backup 1.7 directory traversal exploit

Posted By Raymond In Category: Computer

Aug 29, 2006

The famous WP-DB Backup plugin for WordPress is vulnerable to a directory traversal attack. marc & shb from ssteam discovered this vulnerability about a week ago, and the author of WP-DB Backup was not informed about it.

Proof of Concept:
You must have administrator rights in the WordPress blog to exploit this vulnerability.

http://path-to-wordpress/wp-admin/edit.php?page=wp-db-backup.php&backup=../../../../../etc/passwd

The author of WP-DB Backup currently doesn’t have a fix for this vulnerability. Disabling the plugin will not fix the problem; you can either rename or delete the plugin as a temporary fix. If your WordPress blog has a few admins, then you definitely need to fix this problem.

The good news is that Ryan Boren has a fix for the directory traversal vulnerability.
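The pattern behind a "backup=" traversal and one way a plugin can confine that parameter to its backup directory, as an added example that is not WP-DB Backup's own code. The backup directory location, the ".sql" naming rule and the function names are assumptions for illustration.

```php
<?php
// Added example, not code from WP-DB Backup: an assumed reconstruction of
// the "backup=<value>" pattern beside a hardened resolver. The directory,
// filename format and helper names are assumptions for illustration.

// Vulnerable pattern (assumed): the request value is appended to the
// directory as-is, so "../../../../../etc/passwd" walks out of it.
function backup_path_unsafe(string $backupDir, string $param): string {
    return $backupDir . '/' . $param;
}

// Hardened resolver: accept only a bare "<name>.sql" filename, then verify
// the canonical path still lies inside the canonical backup directory.
function backup_path_safe(string $backupDir, string $param): ?string {
    if (!preg_match('/\A[A-Za-z0-9_-]+\.sql\z/', $param)) {
        return null;                       // slashes, "..", other suffixes
    }
    $root = realpath($backupDir);
    $full = realpath($backupDir . DIRECTORY_SEPARATOR . $param);
    if ($root === false || $full === false) {
        return null;                       // directory or file does not exist
    }
    // Prefix check on canonical paths also catches symlinks pointing outside.
    if (strncmp($full, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        return null;
    }
    return $full;
}

// Constructed sandbox: a temporary backup directory with one real dump file.
$backupDir = sys_get_temp_dir() . '/wp-backup-demo-' . getmypid();
mkdir($backupDir, 0700);
file_put_contents($backupDir . '/blog_2006-08-29.sql', "-- constructed dump\n");

$requests = [
    'blog_2006-08-29.sql',              // legitimate request
    '../../../../../etc/passwd',        // the traversal value from the post
    'blog_2006-08-29.sql/../../x.sql',  // traversal hidden behind a valid name
];
foreach ($requests as $r) {
    $safe = backup_path_safe($backupDir, $r);
    printf("%-36s unsafe=%s\n%-36s safe=%s\n", $r,
           backup_path_unsafe($backupDir, $r), '', $safe ?? 'REJECTED');
}

unlink($backupDir . '/blog_2006-08-29.sql');
rmdir($backupDir);
```

Only the legitimate filename resolves; the other two are rejected before any file is opened.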


Copyright © 2005-2012 - Raymond.CC Blog