The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2020-5645 Related Report None Severity LOW Exploit Difficulty EASY Platform Affects all platforms supported by the vulnerable versions. Description Local File Inclusion. A malicious attacker can load arbitrary VaultWiki PHP files into memory outside of the intended execution pattern for those files. However, the attacker receives a fatal error when doing so.
Discovered March 11, 2020 Resolved April 7, 2020 Patches Available 4.1.0 RC 2 Patch Level 1
4.1.0 RC 1 Patch Level 2
4.0.28 Patch Level 2
4.0.27 Patch Level 5
4.0.26 Patch Level 7
This page has been seen 179,565 times.
-
-
Created by on
-