Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4450
cve
2011
4450
directory traversal
wikkawiki
remote attack
file deletion
6.6 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.008 Low
EPSS
Percentile
81.3%
Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial … (dot dot) in the file parameter, as demonstrated by the /…/…/wikka.config.php pathname in a download action.
Affected configurations
Node
wikkawikiwikkawikiMatch1.3.1
ORwikkawikiwikkawikiMatch1.3.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| wikkawiki:wikkawiki | wikkawiki | eq | 1.3.1 |
| wikkawiki:wikkawiki | wikkawiki | eq | 1.3.2 |
Related
nvd
nvd
CVE-2011-4450
2012-09-05 20:55:01
prion
prion
Directory traversal
2012-09-05 20:55:00
cvelist
cvelist
CVE-2011-4450
2022-10-03 16:15:15
openvas
openvas
WikkaWiki Multiple Security Vulnerabilities
2011-12-01 00:00:00
WikkaWiki Multiple Security Vulnerabilities
2011-12-01 00:00:00
exploitpack
exploitpack
WikkaWiki 1.3.2 - Multiple Vulnerabilities
2011-11-30 00:00:00
seebug
seebug
WikkaWiki <= 1.3.2 - Multiple Security Vulnerabilities
2014-07-01 00:00:00
WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities
2011-12-01 00:00:00
securityvulns
securityvulns
WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities
2011-12-04 00:00:00
packetstorm
packetstorm
WikkaWiki 1.3.2 Code Execution / Shell Upload / SQL Injection
2011-11-30 00:00:00
exploitdb
exploitdb
WikkaWiki 1.3.2 - Multiple Vulnerabilities
2011-11-30 00:00:00
6.6 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.008 Low
EPSS
Percentile
81.3%
Related for CVE-2011-4450