Published: 12/06/2007 Updated: 29/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

lib/WikiUser/LDAP.php in PhpWiki prior to 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote malicious users to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpwiki phpwiki

Several vulnerabilities have been discovered in phpWiki, a wiki engine written in PHP The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-2024 It was discovered that phpWiki performs insufficient file name validation, which allows unrestricted file uploads CVE-2007-2025 It was ...

NVD-CWE-Other http://sourceforge.net/tracker/index.php?func=detail&aid=1732882&group_id=6121&atid=106121 http://sourceforge.net/project/shownotes.php?release_id=514820 http://secunia.com/advisories/25595 http://www.debian.org/security/2007/dsa-1371 http://security.gentoo.org/glsa/glsa-200709-10.xml http://secunia.com/advisories/26784 http://secunia.com/advisories/26880 http://www.vupen.com/english/advisories/2007/2144 http://osvdb.org/37219 https://exchange.xforce.ibmcloud.com/vulnerabilities/34819 https://nvd.nist.gov https://www.debian.org/security/./dsa-1371

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3193

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect