Vulnerabilities > Phpwiki Project

DATE CVE VULNERABILITY TITLE RISK
2017-04-29 CVE-2017-7981 OS Command Injection vulnerability in multiple products
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin.
network
low complexity
enalean phpwiki-project CWE-78
critical
9.0
2014-09-11 CVE-2014-5519 Code Injection vulnerability in PHPwiki Project PHPwiki 1.5.0
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp.
network
low complexity
phpwiki-project CWE-94
7.5