Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
Max CVSS
9.3
EPSS Score
0.82%
Published
2008-03-10
Updated
2017-09-29
Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."
Max CVSS
9.3
EPSS Score
2.58%
Published
2008-03-10
Updated
2017-09-29
2 vulnerabilities found