Skip to main content

Phpwiki

2 CVEs product

Monthly

CVE-2017-7981 HIGH POC PATCH THREAT Act Now

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.0%.

PHP Command Injection Tuleap Phpwiki
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
12.0%
CVE-2014-5519 HIGH POC THREAT Act Now

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.6%.

RCE PHP Code Injection Phpwiki
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
82.6%
Threat
5.5
EPSS 12% CVSS 8.8
HIGH POC PATCH THREAT Act Now

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.0%.

PHP Command Injection Tuleap +1
NVD GitHub Exploit-DB
EPSS 83% 5.5 CVSS 7.5
HIGH POC THREAT Act Now

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.6%.

RCE PHP Code Injection +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy