CVE-2013-7448

HIGH

DidiWiki - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get.

References (7)

Core 7
Core References
Issue Tracking x_refsource_misc
https://github.com/OpenedHand/didiwiki/pull/1/files
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/02/19/5
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/02/19/7
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/02/19/6
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/02/19/4
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2016/dsa-3485

Scores

CVSS v3 7.5
EPSS 0.0353
EPSS Percentile 87.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (3)
debian/debian_linux 7.0
debian/debian_linux 8.0
didiwiki_project/didiwiki
Published Feb 23, 2016
Tracked Since Feb 18, 2026