PassWiki 'site_id' Parameter Local File Include Vulnerability Network Vulnerability

Summary

PassWiki is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue allows remote attackers to view local files within the context of the webserver process. PassWiki 0.9.17 and prior versions are vulnerable.

References

http://www.securityfocus.com/bid/29455

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6423

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Struts Cross Site Scripting Vulnerability
Adobe JRun Management Console Multiple Vulnerabilities
@Mail 'MailType' Parameter Cross Site Scripting Vulnerability
aeNovo Database Content Disclosure Vulnerability
AMSI 'file' Parameter Directory Traversal Vulnerability

Take action and discover your vulnerabilities