Easy-Script: >> Wysi Wiki Wyg >> 1.0 Security Vulnerabilities
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
CVSS Score
7.8
EPSS Score
0.046
Published
2008-12-03
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVSS Score
4.3
EPSS Score
0.03
Published
2008-12-03
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
CVSS Score
5.0
EPSS Score
0.047
Published
2008-07-17