CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-7049

The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the strstr and strrpos functions with the wrong argument order, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/20628
http://wikkawiki.org/WikkaReleaseNotes
http://www.osvdb.org/26543
http://www.securityfocus.com/bid/18484
http://www.vupen.com/english/advisories/2006/2381
https://exchange.xforce.ibmcloud.com/vulnerabilities/27226
http://secunia.com/advisories/20628
http://wikkawiki.org/WikkaReleaseNotes
http://www.osvdb.org/26543
http://www.securityfocus.com/bid/18484
http://www.vupen.com/english/advisories/2006/2381
https://exchange.xforce.ibmcloud.com/vulnerabilities/27226

Products affected by CVE-2006-7049

Wikkawiki » Wikkawiki » Version: 1.1.6.0

cpe:2.3:a:wikkawiki:wikkawiki:1.1.6.0
Wikkawiki » Wikkawiki » Version: 1.1.6.1

cpe:2.3:a:wikkawiki:wikkawiki:1.1.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-7049

Products

Pricing

Contact Us