CVE-2013-7448

Published: 23 February 2016

Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
didiwiki
Launchpad, Ubuntu, Debian
Upstream
Released (0.5-12)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(0.5-12)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [0.5-11+deb8u1build0.14.04.1])
Patches:
Upstream: https://github.com/OpenedHand/didiwiki/pull/1/files