7 matches found
WikkaWiki 1.3.2 Spam Logging PHP Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
CVE-2011-4449
actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANETMODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a...
CVE-2011-4449
CVE-2011-4449 affects WikkaWiki 1.3.1 and 1.3.2. When INTRANET_MODE is enabled, the actions/files/files.php upload handling permits uploading files with extensions typically not listed in Apache’s TypesConfig, enabling remote attackers to place multi-extension files (e.g., .mm or .vpp) and execut...
WikkaWiki 1.3.2 Spam Logging PHP Injection
Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities
---------------------------------------------------- WikkaWiki = 1.3.2 Multiple Security Vulnerabilities ---------------------------------------------------- author............: Egidio Romano aka EgiX mail..............: n0b0d13satgmaildotcom software link.....: http://wikkawiki.org/...
WikkaWiki Multiple Security Vulnerabilities
WikkaWiki is prone to multiple security vulnerabilities, including: - An SQL injection vulnerability. - An arbitrary file upload vulnerability. - An arbitrary file deletion vulnerability. - An arbitrary file download vulnerability. - A PHP code injection vulnerability. SPDX-FileCopyrightText: 201...
WikkaWiki 1.3.2 - Multiple Vulnerabilities
---------------------------------------------------- WikkaWiki Query" 142. UPDATE ".$this-GetConfigValue'tableprefix'."users 143. SET email = '".mysqlrealescapestring$email."', 144. doubleclickedit = '".mysqlrealescapestring$doubleclickedit."', 145. showcomments =...