Summary
This host is running PassWiki and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow remote attacker to inject arbitrary web script or HTML on a affected application.
Impact Level: Application
Solution
Upgrade to version 0.9.17
http://www.i-apps.net/passwiki
Insight
Input validation error in site_id parameter in passwiki.php file allows arbitrary code injection.
Affected
PassWiki version prior to 0.9.17 on all platforms.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-6423 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Apache mod_proxy_ajp Information Disclosure Vulnerability
- Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
- Apache Struts Directory Traversal Vulnerability