QwikSec

Security Database

CVE

CWE

Training

CVE-2007-5800

Published: Nov 3, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin for WordPress allow remote attackers to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate.php, (3) Writer.php, (4) Reader.php, and other unspecified scripts under plugins/BackUp/Archive/.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

http://wordpress.designpraxis.at/2007/11/01/security-vulnerability-in-backupwordpress/

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_OSVDB

backupwordpress-bkpwp-file-include(38212)

vdb-entry

x_refsource_XF

exploit

x_refsource_EXPLOIT-DB

vdb-entry

x_refsource_BID

http://wordpress.designpraxis.at/2007/11/01/backupwordpress-security-release/

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.