Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpwiki phpwiki vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-3193
lib/WikiUser/LDAP.php in PhpWiki prior to 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote malicious users to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations...
Phpwiki Phpwiki
7.5
CVSSv2
CVE-2007-2025
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote malicious users to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
Phpwiki Phpwiki 1.3.11p1
7.5
CVSSv2
CVE-2014-5519
The Ploticus module in PhpWiki 1.5.0 allows remote malicious users to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
Phpwiki Project Phpwiki 1.5.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-2024
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote malicious users to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension.
Phpwiki Phpwiki 1.3.x
9
CVSSv2
CVE-2017-7981
Tuleap prior to 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki prior to 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap ...
Enalean Tuleap
Phpwiki Project Phpwiki 1.3.10
1 EDB exploit
7.5
CVSSv2
CVE-2002-1070
Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote malicious users to execute script as other PHPWiki users via the pagename parameter.
Php-wiki Php-wiki 1.2
Php-wiki Php-wiki 1.2.1
Php-wiki Php-wiki 1.2.2
Php-wiki Php-wiki 1.3.2
Php-wiki Php-wiki 1.3.1
Php-wiki Php-wiki 1.3.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started