WordPress MyEASYbackup Plugin 'dwn_file' Parameter Directory Traversal Vulnerability Network Vulnerability

Summary

This host is running with WordPress myEASYbackup Plugin and is prone to directory traversal vulnerability.

Impact

Successful exploitation could allow attackers to read arbitrary files via directory traversal attacks and gain sensitive information. Impact Level: Application

Solution

Upgrade to WordPress myEASYbackup Plugin version 1.0.9 or later. For updates refer to http://wordpress.org/extend/plugins/myeasybackup/

Insight

The flaw is due to an input validation error in 'dwn_file' parameter to 'wp-content/plugins/myeasybackup/meb_download.php', which allows attackers to read arbitrary files via a ../(dot dot) sequences.

Affected

WordPress myEASYbackup Plugin version 1.0.8.1

References

http://forums.cnet.com/7726-6132_102-5261356.html
http://packetstormsecurity.org/files/108711/wpmyeasybackup-traversal.txt
http://secunia.com/advisories/47594
http://www.securelist.com/en/advisories/47594

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0898
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
@Mail 'MailType' Parameter Cross Site Scripting Vulnerability
Apache Continuum Cross Site Scripting Vulnerability
Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability

WordPress myEASYbackup Plugin 'dwn_file' Parameter Directory Traversal Vulnerability

Take action and discover your vulnerabilities