Direct static code injection vulnerability in wiki/index.php in Bitweaver 2.0.0 and previous versions, when comments are enabled, allows remote malicious users to inject arbitrary PHP code via an editcomments action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bitweaver bitweaver |