CVE-2006-5705 - Vulnerability Details - OpenCVE

Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

Configuration 1 [-]

OR	cpe:2.3:a:wordpress:wordpress::::::::
	cpe:2.3:a:wordpress:wordpress:2.0.2:::::::*
	cpe:2.3:a:wordpress:wordpress:2.0.3:::::::*

No data.

References

Link	Providers
http://bugs.gentoo.org/show_bug.cgi?id=153303
http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/
http://secunia.com/advisories/22683
http://secunia.com/advisories/22942
http://trac.wordpress.org/changeset/4226
http://wordpress.org/development/2006/10/205-ronan/
http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html
http://www.securityfocus.com/bid/20869
http://www.vupen.com/english/advisories/2006/4307

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-11-04T01:00:00

Updated: 2024-08-07T20:04:54.294Z

Reserved: 2006-11-03T00:00:00

Link: CVE-2006-5705

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-11-04T01:07:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2006-5705

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-17T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-11-22T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wordpress.org/development/2006/10/205-ronan/"}, {"name": "GLSA-200611-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml"}, {"name": "OpenPKG-SA-2006.027", "tags": ["vendor-advisory", "x_refsource_OPENPKG"], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html"}, {"name": "22942", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22942"}, {"name": "20869", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20869"}, {"name": "22683", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22683"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://trac.wordpress.org/changeset/4226"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=153303"}, {"name": "ADV-2006-4307", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4307"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-5705", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/", "refsource": "CONFIRM", "url": "http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/"}, {"name": "http://wordpress.org/development/2006/10/205-ronan/", "refsource": "CONFIRM", "url": "http://wordpress.org/development/2006/10/205-ronan/"}, {"name": "GLSA-200611-10", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml"}, {"name": "OpenPKG-SA-2006.027", "refsource": "OPENPKG", "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html"}, {"name": "22942", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22942"}, {"name": "20869", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20869"}, {"name": "22683", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22683"}, {"name": "http://trac.wordpress.org/changeset/4226", "refsource": "CONFIRM", "url": "http://trac.wordpress.org/changeset/4226"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=153303", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=153303"}, {"name": "ADV-2006-4307", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4307"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:04:54.294Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wordpress.org/development/2006/10/205-ronan/"}, {"name": "GLSA-200611-10", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml"}, {"name": "OpenPKG-SA-2006.027", "tags": ["vendor-advisory", "x_refsource_OPENPKG", "x_transferred"], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html"}, {"name": "22942", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22942"}, {"name": "20869", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20869"}, {"name": "22683", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22683"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://trac.wordpress.org/changeset/4226"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=153303"}, {"name": "ADV-2006-4307", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4307"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-5705", "datePublished": "2006-11-04T01:00:00", "dateReserved": "2006-11-03T00:00:00", "dateUpdated": "2024-08-07T20:04:54.294Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "00E05023-50E1-42C1-A2EC-A53E88058778", "versionEndIncluding": "2.0.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "92F05A1F-2227-4166-807B-1BDE2EA8F245", "vulnerable": true}, {"criteria": "cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0CF73E23-7CD0-429C-986B-5F721F1696BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request."}, {"lang": "es", "value": "Vulnerabilidad de directorio transversal en plugins/wp-db-backup.php en WordPress anterior a 2.0.5 permite a un atacante remoto leer ficheros de su elecci\u00f3n a trav\u00e9s de secuencias de directorio transversal en par\u00e1metros no especificados relacionados con el backup de fragmentos de ficheros."}], "id": "CVE-2006-5705", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-11-04T01:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=153303"}, {"source": "cve@mitre.org", "url": "http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/22683"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/22942"}, {"source": "cve@mitre.org", "url": "http://trac.wordpress.org/changeset/4226"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://wordpress.org/development/2006/10/205-ronan/"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/20869"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4307"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=153303"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://markjaquith.wordpress.com/2006/10/17/changes-in-wordpress-205/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/22683"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/22942"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://trac.wordpress.org/changeset/4226"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://wordpress.org/development/2006/10/205-ronan/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200611-10.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.027-wordpress.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/20869"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4307"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}