Vulnerabilities > Telepark

DATE	CVE	VULNERABILITY TITLE	RISK
2009-11-29	CVE-2009-4090	Improper Input Validation vulnerability in Telepark Telepark.Wiki Unrestricted file upload vulnerability in ajax/addComment.php in telepark.wiki 2.4.23 and earlier script allows remote attackers to execute arbitrary code by uploading a file with a name containing a NULL byte. network low complexity telepark CWE-20	7.5
2009-11-29	CVE-2009-4089	Improper Authentication vulnerability in Telepark Telepark.Wiki 2.4.23 telepark.wiki 2.4.23 and earlier allows remote attackers to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php. network low complexity telepark CWE-287	5.0
2009-11-29	CVE-2009-4088	Path Traversal vulnerability in Telepark Telepark.Wiki Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php. network telepark CWE-22	6.8
2009-11-29	CVE-2009-4087	Cross-Site Scripting vulnerability in Telepark Telepark.Wiki Cross-site scripting (XSS) vulnerability in index.php in telepark.wiki 2.4.23 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. network telepark CWE-79	4.3

Vulnerabilities > Telepark {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Telepark"}]}