11 matches found
EUVD-2007-3122
Malware in sbrugna...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in the OpenWiki formerly JD-Wiki component comjd-wiki 1.0.2, and possibly earlier, for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 dwpage.php or 2 wantedpages.php, different...
CVE-2007-3130
Multiple PHP remote file inclusion vulnerabilities in the OpenWiki formerly JD-Wiki component comjd-wiki 1.0.2, and possibly earlier, for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 dwpage.php or 2 wantedpages.php, different...
CVE-2007-3130
CVE-2007-3130 concerns multiple PHP remote file inclusion vulnerabilities in the OpenWiki (com_jd-wiki) Joomla! component (JD-Wiki) 1.0.2 and earlier. The root cause is improper use of the mosConfig_absolute_path parameter, allowing an attacker to supply a URL to include arbitrary PHP code via dw...
CVE-2007-3130
Multiple PHP remote file inclusion vulnerabilities in the OpenWiki formerly JD-Wiki component comjd-wiki 1.0.2, and possibly earlier, for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 dwpage.php or 2 wantedpages.php, different...
CVE-2006-2473
Cross-site scripting XSS vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this issue has been disputed by the vendor and a third party who is affiliated with the product. The vendor states "You cannot insert code in...
Cross site scripting
DISPUTED Cross-site scripting XSS vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this issue has been disputed by the vendor and a third party who is affiliated with the product. The vendor states "You cannot inser...
CVE-2006-2473
CVE-2006-2473 : OpenWiki 0.78 contains a cross-site scripting (XSS) vulnerability in the ow.asp file, exploitable via the p parameter. The issue, which the vendor disputes (claims that inputs are escaped and cannot be used to inject code), is documented across multiple sources (NVD, CVE list, PRI...
CVE-2006-2473
Cross-site scripting XSS vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this issue has been disputed by the vendor and a third party who is affiliated with the product. The vendor states "You cannot insert code in...
PT-2006-3421 · Openwiki · Openwiki
Name of the Vulnerable Software and Affected Versions: OpenWiki version 0.78 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the p parameter in the ow.asp file. This issue has been disputed by the vendor, who claims that code...
OpenWiki<--v0.78 Cross-Site Scripting
======================= Discovery by: LiNuXrOOt Site:www.alshmokh.com ======================= Example: /ow.asp?p=XSS...