Vulnerability Description
YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yeswiki | Yeswiki | 2012-10-22-1 |
Related Weaknesses (CWE)
References
- https://0dd.zone/2018/08/05/YesWiki-Object-Injection/Third Party Advisory
- https://github.com/YesWiki/yeswiki/issues/356Issue TrackingPatchThird Party Advisory
- https://0dd.zone/2018/08/05/YesWiki-Object-Injection/Third Party Advisory
- https://github.com/YesWiki/yeswiki/issues/356Issue TrackingPatchThird Party Advisory
FAQ
What is CVE-2018-1000641?
CVE-2018-1000641 is a vulnerability with a CVSS score of 9.8 (CRITICAL). YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of inform...
How severe is CVE-2018-1000641?
CVE-2018-1000641 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-1000641?
Check the references section above for vendor advisories and patch information. Affected products include: Yeswiki Yeswiki.