CVE-2011-4334

2017-10-2318:00:00

redhat

www.cve.org

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

55.7%

JSON

edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.

References

www.openwall.com/lists/oss-security/2011/11/21/16

www.openwall.com/lists/oss-security/2014/02/08/5