Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5322

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-5322
Last Modified 05 Feb 2009 01:50:55
Published 03 Dec 2008 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5322

Summary

Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.

Vulnerable Systems

Application

  • Easy-script Wysi Wiki Wyg 1.0


References

XF - wysiwikiwyg-categup-info-disclosure(47105)

MILW0RM - 6042

SECUNIA - 31061

MISC - http://packetstormsecurity.org/0810-exploits/wysiwikiwyg-lfixssdisclose.txt


Last Updated: 27 May 2016 10:48:46