Vulnerabilities > Wikkawiki > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-05 | CVE-2011-4448 | SQL Injection vulnerability in Wikkawiki 1.3.1/1.3.2 SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execute arbitrary SQL commands via the default_comment_display parameter in an update action. | 7.5 |
| 2007-05-11 | CVE-2007-2613 | Remote Security vulnerability in WikkaWiki WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared virtual host server environment to upload and execute an arbitrary configuration file by modifying the WAKKA_CONFIG environment variable. low complexity wikkawiki | 8.3 |
| 2007-05-11 | CVE-2007-2612 | SQL-Injection vulnerability in WikkaWiki SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to execute arbitrary SQL commands via the limit parameter. | 7.5 |
| 2007-02-24 | CVE-2006-7049 | Information Disclosure vulnerability in Wikkawiki Method Function The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the strstr and strrpos functions with the wrong argument order, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files. | 7.5 |