Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpwiki vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-3193
lib/WikiUser/LDAP.php in PhpWiki prior to 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote malicious users to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations...
Phpwiki Phpwiki
7.5
CVSSv2
CVE-2007-2025
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote malicious users to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
Phpwiki Phpwiki 1.3.11p1
6.8
CVSSv2
CVE-2007-2024
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote malicious users to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension.
Phpwiki Phpwiki 1.3.x
7.5
CVSSv2
CVE-2014-5519
The Ploticus module in PhpWiki 1.5.0 allows remote malicious users to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
Phpwiki Project Phpwiki 1.5.0
1 EDB exploit
9
CVSSv2
CVE-2017-7981
Tuleap prior to 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki prior to 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap ...
Enalean Tuleap
Phpwiki Project Phpwiki 1.3.10
1 EDB exploit
7.5
CVSSv2
CVE-2002-1070
Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote malicious users to execute script as other PHPWiki users via the pagename parameter.
Php-wiki Php-wiki 1.2
Php-wiki Php-wiki 1.2.1
Php-wiki Php-wiki 1.2.2
Php-wiki Php-wiki 1.3.2
Php-wiki Php-wiki 1.3.1
Php-wiki Php-wiki 1.3.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started