CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2613

HIGH
8.3
CVSS Severity Score
EPSS Score0.0370%
EPSS Percentile14.14th
PublishedMay 11, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared virtual host server environment to upload and execute an arbitrary configuration file by modifying the WAKKA_CONFIG environment variable.

Affected Platforms (CPE)

πŸ“¦
Wikkawiki

Wikkawiki

<= 1.1.6.2

References & Advisories

πŸ”— http://osvdb.org/35825
πŸ”— http://wikkawiki.org/WikkaReleaseNotes
πŸ”— http://wush.net/trac/wikka/ticket/98
πŸ”— http://www.vupen.com/english/advisories/2007/1725
πŸ”— http://osvdb.org/35825
πŸ”— http://wikkawiki.org/WikkaReleaseNotes
πŸ”— http://wush.net/trac/wikka/ticket/98
πŸ”— http://www.vupen.com/english/advisories/2007/1725

Related Vulnerabilities

CVE-2007-26127.5

SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to execute ar...

CVE-2011-44487.5

SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execu...

CVE-2006-70497.5

The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the strstr and strrpos functions with the wrong argument order, w...

CVE-2006-70506.8

Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote attackers to inject arbitrary java...