CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2002-1070

HIGH
7.5
CVSS Severity Score
EPSS Score0.1650%
EPSS Percentile40.33th
Published2002年10月4日
Last Modified2026年4月16日

Vulnerability Description

Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter.

Affected Platforms (CPE)

📦
Php Wiki

Php Wiki

= 1.2
📦
Php Wiki

Php Wiki

= 1.2.1
📦
Php Wiki

Php Wiki

= 1.2.2
📦
Php Wiki

Php Wiki

= 1.3.1
📦
Php Wiki

Php Wiki

= 1.3.2
📦
Php Wiki

Php Wiki

= 1.3.3

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-07/0190.html
🔗 http://www.iss.net/security_center/static/9627.php
🔗 http://www.securityfocus.com/bid/5254
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-07/0190.html
🔗 http://www.iss.net/security_center/static/9627.php
🔗 http://www.securityfocus.com/bid/5254

相關漏洞威脅

CVE-2017-79818.8

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki compon...

CVE-2006-70497.5

The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the strstr and strrpos functions with the wrong argument order, w...

CVE-2017-141417.2

The wiki_decode Developer System Helper function in the admin panel in Kaltura before 13.2.0 allows remote attackers to conduct PH...

CVE-2006-40746.8

PHP remote file inclusion vulnerability in lib/tpl/default/main.php in the JD-Wiki Component (com_jd-wiki) 1.0.2 and earlier for J...