WikkaWiki Multiple Security Vulnerabilities Network Vulnerability

Summary

WikkaWiki is prone to multiple security vulnerabilities, including: 1. An SQL injection vulnerability. 2. An arbitrary file upload vulnerability. 3. An arbitrary file deletion vulnerability. 4. An arbitrary file download vulnerability. 5. A PHP code injection vulnerability. Attackers can exploit these issues to modify the logic of SQL queries upload, delete, or download arbitrary files or inject and execute arbitrary PHP code in the context of the affected application. Other attacks may also be possible. WikkaWiki 1.3.2 and prior versions are vulnerable.

References

http://wikkawiki.org/
http://www.securityfocus.com/archive/1/520687
http://www.securityfocus.com/bid/50866

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4448, CVE-2011-4449, CVE-2011-4450, CVE-2011-4451

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

A Really Simple Chat Multiple SQL Injection Vulnerabilities
'research_display.php' SQL Injection Vulnerability
appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
Baby Gekko CMS Multiple Vulnerabilities
Admin News Tools Multiple Vulnerabilities

Take action and discover your vulnerabilities