Jspwiki : Security vulnerabilities, CVEs

Copy

CVE-2008-1231

Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.

Max CVSS

9.3

EPSS Score

0.82%

Published

2008-03-10

Updated

2017-09-29

CVE-2008-1230

Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."

Max CVSS

9.3

EPSS Score

2.58%

Published

2008-03-10

Updated

2017-09-29

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!