Vulnerability Details CVE-2013-7448
Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 67.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.debian.org/security/2016/dsa-3485
- http://www.openwall.com/lists/oss-security/2016/02/19/4
- http://www.openwall.com/lists/oss-security/2016/02/19/5
- http://www.openwall.com/lists/oss-security/2016/02/19/6
- http://www.openwall.com/lists/oss-security/2016/02/19/7
- https://github.com/OpenedHand/didiwiki/pull/1/files
- https://github.com/yarolig/didiwiki/commit/5e5c796617e1712905dc5462b94bd5e6c08d15ea
- http://www.debian.org/security/2016/dsa-3485
- http://www.openwall.com/lists/oss-security/2016/02/19/4
- http://www.openwall.com/lists/oss-security/2016/02/19/5
- http://www.openwall.com/lists/oss-security/2016/02/19/6
- http://www.openwall.com/lists/oss-security/2016/02/19/7
- https://github.com/OpenedHand/didiwiki/pull/1/files
- https://github.com/yarolig/didiwiki/commit/5e5c796617e1712905dc5462b94bd5e6c08d15ea
Products affected by CVE-2013-7448
-
cpe:2.3:a:didiwiki_project:didiwiki:-
-
cpe:2.3:o:debian:debian_linux:7.0
-
cpe:2.3:o:debian:debian_linux:8.0