WikkaWiki Multiple Security Vulnerabilities Network Vulnerability

Summary

WikkaWiki is prone to multiple security vulnerabilities, including: 1. An SQL injection vulnerability. 2. An arbitrary file upload vulnerability. 3. An arbitrary file deletion vulnerability. 4. An arbitrary file download vulnerability. 5. A PHP code injection vulnerability. Attackers can exploit these issues to modify the logic of SQL queries upload, delete, or download arbitrary files or inject and execute arbitrary PHP code in the context of the affected application. Other attacks may also be possible. WikkaWiki 1.3.2 and prior versions are vulnerable.

References

http://wikkawiki.org/
http://www.securityfocus.com/archive/1/520687
http://www.securityfocus.com/bid/50866

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4448, CVE-2011-4449, CVE-2011-4450, CVE-2011-4451
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
Admbook PHP Code Injection Flaw
AdaptBB Multiple Input Validation Vulnerabilities
Adobe ColdFusion Multiple Vulnerabilities-02 May-2014
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability

Take action and discover your vulnerabilities