VYPR
Unrated severityNVD Advisory· Published Aug 8, 2007· Updated Jun 16, 2026

CVE-2007-4182

CVE-2007-4182

Description

Unrestricted file upload vulnerability in index.php in WikiWebWeaver 1.1 and earlier allows remote attackers to upload and execute arbitrary PHP code via an upload action specifying a filename with a double extension such as .gif.php, which is accessible from data/documents/.

Affected products

2
  • cpe:2.3:a:wikiwebweaver:wikiwebweaver:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:wikiwebweaver:wikiwebweaver:*:*:*:*:*:*:*:*range: <=1.1
    • (no CPE)range: <=1.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.