Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 5.13%
- Veröffentlicht 12.06.2007 23:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certai...
6.8
CVE-2007-2024
- EPSS 3.71%
- Veröffentlicht 13.04.2007 18:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote attackers to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension.
7.5
CVE-2007-2025
- EPSS 1.34%
- Veröffentlicht 13.04.2007 18:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being...
1