CVE-2014-9119
published 2014-12-31


Priority: P3 (44) · medium
CVSS 2.0: 5 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Flags: EXPLOIT
EPSS: 16.12% (96.5th percentile)
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Affected

1 range

Vendor             Product    Version range  Fixed in
db_backup_project  db_backup  <= 4.5

Detection & IOCs (extracted from sources)

url   /wp-content/plugins/db-backup/download.php?file=../../../wp-config.php
url   /wp-content/plugins/db-backup/download.php?file=/etc/passwd
path  /wp-content/plugins/db-backup/download.php
  • HTTP GET requests to /wp-content/plugins/db-backup/download.php with a 'file' parameter containing directory traversal sequences (e.g. '../') should be flagged as exploitation attempts.
  • Successful exfiltration of wp-config.php can be confirmed by detecting the strings 'DB_NAME' and 'DB_PASSWORD' in HTTP response bodies originating from the vulnerable endpoint.
  • Use the Google Dork 'inurl:wp-content/plugins/db-backup/' to identify potentially vulnerable WordPress installations exposed on the internet.
  • The vulnerability affects DB Backup plugin version 4.5 and earlier; version 4.6 or higher is not affected. Scope detections to those versions.
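The request-side and response-side checks above, as an added example that is not part of this record: it runs over a constructed sample of combined-format access log lines (an assumed log format; the IPs are documentation ranges), flags requests to download.php whose 'file' value contains a dot-dot segment or an absolute path after URL decoding, and offers the DB_NAME/DB_PASSWORD body check for confirming a leaked wp-config.php.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint and parameter named in the CVE record.
VULN_PATH = "/wp-content/plugins/db-backup/download.php"
VULN_PARAM = "file"

# Assumed Apache/nginx "combined"-style log format for the constructed sample.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

def has_traversal(value):
    """True for a dot-dot segment or an absolute path, after URL decoding.
    Decoding twice also catches %2e%2e%2f and double-encoded variants."""
    decoded = unquote(unquote(value))
    if re.search(r'(^|[\\/])\.\.([\\/]|$)', decoded):
        return True
    return decoded.startswith("/")

def flag_request(line):
    """Return a finding dict if the line is a traversal attempt against
    download.php's 'file' parameter, otherwise None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if not parts.path.endswith(VULN_PATH):
        return None
    for value in parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM, []):
        if has_traversal(value):
            return {"ip": m.group("ip"), "file": value, "status": m.group("status")}
    return None

def scan_log(lines):
    return [hit for hit in map(flag_request, lines) if hit]

def looks_like_wp_config(body):
    """Response-side confirmation: both wp-config.php constants present."""
    return "DB_NAME" in body and "DB_PASSWORD" in body

# Constructed sample log (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Mar/2015:12:00:01 +0000] "GET /wp-content/plugins/db-backup/download.php?file=../../../wp-config.php HTTP/1.1" 200 3211',
    '203.0.113.5 - - [10/Mar/2015:12:00:02 +0000] "GET /wp-content/plugins/db-backup/download.php?file=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1789',
    '198.51.100.7 - - [10/Mar/2015:12:00:03 +0000] "GET /wp-content/plugins/db-backup/download.php?file=backup-2015-03-10.sql HTTP/1.1" 200 50231',
    '198.51.100.7 - - [10/Mar/2015:12:00:04 +0000] "GET /index.php?file=../../../etc/passwd HTTP/1.1" 404 201',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Only the first two sample lines are flagged: the third is a legitimate backup download and the fourth carries traversal against a different path, which this rule deliberately ignores.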