YesWiki before 4.5.2 allows unauthenticated path traversal via the 'squelette' parameter. An attacker can exploit this to read arbitrary files on the server, such as /etc/passwd.
YESWIKI 0.2 is vulnerable to Path Traversal. An attacker can exploit this vulnerability to read sensitive files from the server. This vulnerability exists due to insufficient sanitization of user-supplied input to the 'template' parameter in 'wakka.php' script. An attacker can send a specially crafted HTTP request to the vulnerable script and read sensitive files from the server.
YESWIKI Path Traversal Exploit allows an attacker to download a file from the vulnerable server. The attacker can send a specially crafted HTTP request containing directory traversal strings (e.g. '../') to the vulnerable server and download any file from the server.
YesWiki cercopitheque 2020-04-18-1 is vulnerable to SQL Injection. An attacker can exploit this vulnerability to gain access to sensitive information stored in the database. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'BazaR' script. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable script and execute arbitrary SQL queries against the underlying database.
An SQL injection vulnerability exists in Yeswiki Cercopitheque 2018-06-19-1, which allows an attacker to execute arbitrary SQL commands via the 'id' parameter in a 'BaZar&vue=exporter' URL. An example of exploitation is http://localhost/[PATH]/?BaZar&vue=exporter&id=-1 UNION SELECT 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15#