Because of these vulnerabilities, the attackers can obtain sensitive information via a direct request for wp-content/themes/default/index.php, links.php, sidebar.php, livejournal.php, hello.php, mt.php, page.php, rss.php, search.php, searchform.php, 404.php, wp-db-backup.php, akismet.php, comments-popup.php, archive.php, archives.php, functions.php, header.php, upgrade-schema.php, attachment.php, single.php, blogger.php, upgrade-functions.php, dotclear.php, comments.php, textpattern.php or footer.php, that reveal the path in various error messages.
Solution
Update the WordPress to the latest available version (at least 2.0.6).
Found a vulnerability that puts your sites at risk?