5 matches found
CVE-2011-4448
SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execute arbitrary SQL commands via the defaultcommentdisplay parameter in an update action...
CVE-2011-4448
CVE-2011-4448 affects WikkaWiki 1.3.1 and 1.3.2. The vulnerability is an SQL injection in actions/usersettings/usersettings.php via the default_comment_display parameter in an update action, caused by insufficient sanitization. This allows remote attackers to inject arbitrary SQL commands and pot...
WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities
---------------------------------------------------- WikkaWiki = 1.3.2 Multiple Security Vulnerabilities ---------------------------------------------------- author............: Egidio Romano aka EgiX mail..............: n0b0d13satgmaildotcom software link.....: http://wikkawiki.org/...
WikkaWiki Multiple Security Vulnerabilities
WikkaWiki is prone to multiple security vulnerabilities, including: - An SQL injection vulnerability. - An arbitrary file upload vulnerability. - An arbitrary file deletion vulnerability. - An arbitrary file download vulnerability. - A PHP code injection vulnerability. SPDX-FileCopyrightText: 201...
WikkaWiki 1.3.2 - Multiple Vulnerabilities
---------------------------------------------------- WikkaWiki Query" 142. UPDATE ".$this-GetConfigValue'tableprefix'."users 143. SET email = '".mysqlrealescapestring$email."', 144. doubleclickedit = '".mysqlrealescapestring$doubleclickedit."', 145. showcomments =...