Wiki Web Help 'uploadimage.php' Arbitrary File Upload Vulnerability Network Vulnerability

Summary

Wiki Web Help is prone to an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer this can result in arbitrary code execution within the context of the vulnerable application. Wiki Web Help 0.2.7 is vulnerable other versions may also be affected.

Solution

The vendor released a patch. Please see the references for more information.

References

http://sourceforge.net/projects/wwh/
http://sourceforge.net/tracker/?func=detail&atid=1296085&aid=3025530&group_id=307693
https://www.securityfocus.com/bid/41309

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 4.6
AV:N/AC:H/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
Apache Archiva Multiple Vulnerabilities
Apache Struts2 'XWork' Information Disclosure Vulnerability
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability

Take action and discover your vulnerabilities