[CLOSE] OSVDB ID : 43594 - Disclosed: 2008-01-03

Description:

(Description Provided by CVE) : Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.

[CLOSE] OSVDB ID : 43549 - Disclosed: 2008-01-03

Description:

(Description Provided by CVE) : WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.

[CLOSE] OSVDB ID : 43564 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/admin.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' or 'import' variables.

[CLOSE] OSVDB ID : 43560 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/themes.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43586 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/edit.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43572 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/templates.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43571 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/edit-pages.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43570 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/categories.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43565 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/edit-comments.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43569 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/moderation.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43568 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/post.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43577 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/page-new.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43576 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/index.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43561 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/link-manager.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43593 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/link-add.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43575 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/link-categories.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43574 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/link-import.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43573 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/theme-editor.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43582 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/plugin-editor.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43566 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/profile.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43581 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/users.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43580 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/options-general.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43578 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/options-writing.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43585 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/options-reading.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43562 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/options-discussion.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43592 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/options-permalink.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43584 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/options-misc.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43583 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/import.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43591 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/admin.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43590 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/bookmarklet.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43567 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/cat-js.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43589 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/inline-uploading.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43588 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/options.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43579 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/profile-update.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43587 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/sidebar.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 43563 - Disclosed: 2008-01-03

Description:

WordPress contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the /wp-admin/user-edit.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'page' variable.

[CLOSE] OSVDB ID : 51235 - Disclosed: 2008-01-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 57224 - Disclosed: 2008-01-02

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 42765 - Disclosed: 2008-01-02

Description:

(Description Provided by CVE) : Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function; or (2) a long password.

[CLOSE] OSVDB ID : 42766 - Disclosed: 2008-01-02

Description:

(Description Provided by CVE) : Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword message.