Filtered by vendor Phpwiki
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2024 | 1 Phpwiki | 1 Phpwiki | 2018-10-16 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote attackers to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension. | |||||
| CVE-2007-3193 | 1 Phpwiki | 1 Phpwiki | 2017-07-28 | 10.0 HIGH | N/A |
| lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations. | |||||
| CVE-2007-2025 | 1 Phpwiki | 1 Phpwiki | 2008-09-05 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file. | |||||