Labwiki Security Vulnerabilities

CVE-2011-4333

Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) from parameter to index.php or the (2) page_no parameter to...

CVE-2011-4334

edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile...

CVE-2006-2968

Cross-site scripting (XSS) vulnerability in search.php in PHP Labware LabWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input box (query...

CVE-2006-2850

Cross-site scripting (XSS) vulnerability in recentchanges.php in PHP Labware LabWiki 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the help...