Description
WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.
Remediation
References
Related Vulnerabilities
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5665)
WordPress Plugin SearchWP Live Ajax Search Directory Traversal (1.6.2)
Oracle Database Server CVE-2011-0816 Vulnerability (CVE-2011-0816)
SharePoint Origin Validation Error Vulnerability (CVE-2020-16952)
Plone CMS Improper Input Validation Vulnerability (CVE-2013-4192)