Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WikkaWiki 安全漏洞
Vulnerability Description
WikkaWiki 1.3.1和1.3.2版本中的actions/files/files.php中存在漏洞,该漏洞源于INTRANET_MODE启用时,支持文件上传,典型缺少从Apache HTTP Server TypesConfig文件的文件扩展。远程攻击者可利用该漏洞通过在放置此代码带有许多扩展名的文件如(1).mm或(2).vpp文件,执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A