VulnCheck KEV: CVE-2007-2024

Unrestricted file upload vulnerability in the UpLoad feature lib/plugin/UpLoad.php in PhpWiki 1.3.x allows remote attackers to upload arbitrary PHP files with a 1 php3, 2 php4, or 3 php5 extension...

PhpWiki fails to properly restrict uploaded files

Overview PhpWiki fails to properly restrict uploaded files, which can allow a remote attacker to execute arbitrary commands on a vulnerable system. Description PhpWiki is Wiki software that is implemented in PHP. PhpWiki includes an "UpLoad" feature that allows users to upload files. Files with a...

Critical phpwiki c99shell exploit

Via the Phpwiki 1.3.x UpLoad feature some hackers from russia uploaded a php3 or php4 file, install a backdoor at port 8081 and have access to your whole disc and overtake the server. A url in the file is http://ccteam.ru/releases/c99shell The uploaded file has a php, php3 or php4 extension and...

Ubuntu 4.10 / 5.04 : php4, php4-universe vulnerability (USN-147-1)

A remote code execution vulnerability has been discovered in the XMLRPC module of the PEAR PHP Extension and Application Repository extension of PHP. By sending specially crafted XMLRPC requests to an affected web server, a remote attacker could exploit this to execute arbitrary code with the web...

GLSA-200508-18 : PhpWiki: Arbitrary command execution through XML-RPC

The remote host is affected by the vulnerability described in GLSA-200508-18 PhpWiki: Arbitrary command execution through XML-RPC Earlier versions of PhpWiki contain an XML-RPC library that improperly handles XML-RPC requests and responses with malformed nested tags. Impact : A remote attacker...

PhpWiki: Arbitrary command execution through XML-RPC

Background PhpWiki is an application that creates a web site where anyone can edit the pages through HTML forms. Description Earlier versions of PhpWiki contain an XML-RPC library that improperly handles XML-RPC requests and responses with malformed nested tags. Impact A remote attacker could...

USN-147-1: PHP XMLRPC vulnerability

A remote code execution vulnerability has been discovered in the XMLRPC module of the PEAR PHP Extension and Application Repository extension of PHP. By sending specially crafted XMLRPC requests to an affected web server, a remote attacker could exploit this to execute arbitrary code with the web...

[SA15903] PhpWiki XML-RPC PHP Code Execution Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

CVE-2002-1070

Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter...

CVE-2002-1070

Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter...

CVE-2002-1070

Technical details (affected product/version, root cause, impact, fixes) are not publicly provided in the supplied connected documents. Monitor for updates.