Easy-Script: >> Wysi Wiki Wyg >> 1.0 Security Vulnerabilities
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
CVSS Score
7.8
EPSS Score
0.023
Published
2008-12-03
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVSS Score
4.3
EPSS Score
0.016
Published
2008-12-03
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
CVSS Score
5.0
EPSS Score
0.02
Published
2008-07-17