Cherry-design : Security Vulnerabilities, CVEs,

CVE-2011-5311

Cross-site request forgery (CSRF) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to hijack the authentication of administrators for requests that modify pages via the data[text] parameter.
Max CVSS
6.8
EPSS Score
0.14%
Published
2015-01-01
Updated
2015-01-02

CVE-2011-5310

Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
Max CVSS
5.0
EPSS Score
0.57%
Published
2015-01-01
Updated
2015-01-02

CVE-2011-5309

Cross-site scripting (XSS) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Max CVSS
4.3
EPSS Score
0.12%
Published
2015-01-01
Updated
2015-01-02
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close