PassWiki 'site_id' Parameter Local File Include Vulnerability

PassWiki is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue allows remote attackers to view local files within the context of the webserver process.

PassWiki 0.9.17 and prior versions are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus