CVE-2014-5519

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the editcontent parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information...

Information disclosure

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the editcontent parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information...

CVE-2014-5519

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the editcontent parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information...

CVE-2014-5519

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the editcontent parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information...

CVE-2014-5519

Summary: CVE-2014-5519 affects PhpWiki 1.5.0’s Ploticus module. The vulnerability allows remote code execution by injecting shell metacharacters in a device option within the edit[content] parameter to index.php/HeIp, enabling arbitrary code execution on the affected server. Public exploit/tracki...

PhpWiki RCE Vulnerability

PhpWiki is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PhpWiki - Remote Command Execution

PhpWiki - Remote Command Execution / / / / / / // / / / / / / / \ | /| / / / /// / / / // / // / / // / / / / // / |/ |/ / / ,&2;'+cmd+' 1&2;echo ':::'123 1&2;" -prefab= -csmap= data= alt= help= ','editpreview','Preview','action','edit' cmd1 = urllib2.Requestdomain +'/index.php/HeIp',data cmd2...

PhpWiki - Remote Command Execution Exploit

Proof of concept exploit for PhpWiki that demonstrates a remote command injection vulnerability via the Ploticus module. / / / / / / // / / / / / / / \ | /| / / / /// / / / // / // / / // / / / / // / |/ |/ / / ,&2;'+cmd+' 1&2;echo ':::'123 1&2;" -pre...

PhpWiki - Remote Command Execution

/ / / / / / // / / / / / / / \ | /| / / / /// / / / // / // / / // / / / / // / |/ |/ / / ,&2;'+cmd+' 1&2;echo ':::'123 1&2;" -prefab= -csmap= data= alt= help= ','editpreview','Preview','action','edit' cmd1 = urllib2.Requestdomain +'/index.php/HeIp',data cmd2 = urllib2...

PhpWiki Ploticus Command Injection

/ / / / / / // / / / / / / / \ | /| / / / /// / / / // / // / / // / / / / // / |/ |/ / / ,&2;'+cmd+' 1&2;echo ':::'123 1&2;" -prefab= -csmap= data= alt= help= ','editpreview','Preview','action','edit' cmd1 = urllib2.Requestdomain +'/index.php/HeIp',data cmd2 = urllib2.urlopencmd1 output =...

Gentoo Security Advisory GLSA 200705-16 (phpwiki)

The remote host is missing updates announced in advisory GLSA 200705-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200709-10 (phpwiki)

The remote host is missing updates announced in advisory GLSA 200709-10. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200508-18 (phpwiki)

The remote host is missing updates announced in advisory GLSA 200508-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200709-10 (phpwiki)

The remote host is missing updates announced in advisory GLSA 200709-10. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200508-18 (phpwiki)

The remote host is missing updates announced in advisory GLSA 200508-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200705-16 (phpwiki)

The remote host is missing updates announced in advisory GLSA 200705-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1371-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1371-1 (phpwiki)

The remote host is missing an update to phpwiki announced via advisory DSA 1371-1. OpenVAS Vulnerability Test $Id: deb13711.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1371-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

GLSA-200709-10 : PhpWiki: Authentication bypass

The remote host is affected by the vulnerability described in GLSA-200709-10 PhpWiki: Authentication bypass The PhpWiki development team reported an authentication error within the file lib/WikiUser/LDAP.php when binding to an LDAP server with an empty password. Impact : A remote attacker could...

PhpWiki: Authentication bypass

Background PhpWiki is an application that creates a web site where anyone can edit the pages through HTML forms. Description The PhpWiki development team reported an authentication error within the file lib/WikiUser/LDAP.php when binding to an LDAP server with an empty password. Impact A remote...