Vulnerability Details CVE-2008-5322
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.1%
CVSS Severity
CVSS v2 Score 7.8
References
- http://packetstormsecurity.org/0810-exploits/wysiwikiwyg-lfixssdisclose.txt
- http://secunia.com/advisories/31061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47105
- https://www.exploit-db.com/exploits/6042
- http://packetstormsecurity.org/0810-exploits/wysiwikiwyg-lfixssdisclose.txt
- http://secunia.com/advisories/31061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47105
- https://www.exploit-db.com/exploits/6042
Products affected by CVE-2008-5322
-
cpe:2.3:a:easy-script:wysi_wiki_wyg:1.0