RSS   Podatności dla 'Speedywiki'   RSS

2006-11-09
 
CVE-2006-5845

 

 
Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 allows remote authenticated users to upload and execute arbitrary PHP code by setting the upload parameter to 1.

 
 
CVE-2006-5844

 

 
Speedywiki 2.0 allows remote attackers to obtain the full path of the web server via the (1) showRevisions[] and (2) searchText[] parameters in (a) index.php, and (b) a direct request to upload.php without any parameters.

 
 
CVE-2006-5843

 

 
Cross-site scripting (XSS) vulnerability in index.php in Speedywiki 2.0 allows remote attackers to inject arbitrary web script or HTML via the showRevisions parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top