First published: Wed Feb 06 2008(Updated: )
Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dmsguestbook Project Dmsguestbook | =1.7.0 | |
Dmsguestbook Project Dmsguestbook | =1.8.0 | |
Dmsguestbook Dmsguestbook | =1.8 | |
WordPress WordPress | ||
Dmsguestbook Dmsguestbook | =1.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.