Wiki Web Help 'uploadimage.php' Arbitrary File Upload Vulnerability Network Vulnerability

Summary

Wiki Web Help is prone to an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer this can result in arbitrary code execution within the context of the vulnerable application. Wiki Web Help 0.2.7 is vulnerable other versions may also be affected.

Solution

The vendor released a patch. Please see the references for more information.

References

http://sourceforge.net/projects/wwh/
http://sourceforge.net/tracker/?func=detail&atid=1296085&aid=3025530&group_id=307693
https://www.securityfocus.com/bid/41309

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.6 AV:N/AC:H/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Apache Archiva Home Page Cross-Site Scripting vulnerability
Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
Afian 'includer.php' Directory Traversal Vulnerability
An Image Gallery Multiple Cross-Site Scripting Vulnerability
Apache Tomcat Login Constraints Security Bypass Vulnerability

Take action and discover your vulnerabilities