Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpwiki phpwiki vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2007-3193
lib/WikiUser/LDAP.php in PhpWiki prior to 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote malicious users to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations...
Phpwiki Phpwiki
668
VMScore
CVE-2007-2025
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote malicious users to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
Phpwiki Phpwiki 1.3.11p1
605
VMScore
CVE-2007-2024
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote malicious users to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension.
Phpwiki Phpwiki 1.3.x
755
VMScore
CVE-2014-5519
The Ploticus module in PhpWiki 1.5.0 allows remote malicious users to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
Phpwiki Project Phpwiki 1.5.0
1 EDB exploit
905
VMScore
CVE-2017-7981
Tuleap prior to 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki prior to 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap ...
Enalean Tuleap
Phpwiki Project Phpwiki 1.3.10
1 EDB exploit
755
VMScore
CVE-2002-1070
Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote malicious users to execute script as other PHPWiki users via the pagename parameter.
Php-wiki Php-wiki 1.2
Php-wiki Php-wiki 1.2.1
Php-wiki Php-wiki 1.2.2
Php-wiki Php-wiki 1.3.2
Php-wiki Php-wiki 1.3.1
Php-wiki Php-wiki 1.3.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started