Summary
This host is running PassWiki and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow remote attacker to inject arbitrary web script or HTML on a affected application.
Impact Level: Application
Solution
Upgrade to version 0.9.17
http://www.i-apps.net/passwiki
Insight
Input validation error in site_id parameter in passwiki.php file allows arbitrary code injection.
Affected
PassWiki version prior to 0.9.17 on all platforms.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-6423 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- AMSI 'file' Parameter Directory Traversal Vulnerability
- Adobe ColdFusion Unspecified Information Disclosure Vulnerability
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities