cbcvebase.
CVE-2011-4334
published 2017-10-23

CVE-2011-4334: edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a…

PriorityP261high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EXPLOIT
EPSS
5.84%
92.3th percentile
edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.

Affected

1 ranges
VendorProductVersion rangeFixed in
labwiki_projectlabwiki<= 1.1

Detection & IOCsextracted from sources · hover to see the quote

pathedit.php
urlhttp://localhost/LabWiki/recentchanges.php?nothing=nothing&page_no=">alert('muuratsalo')
  • Attacker uploads a PHP webshell with a .gif extension via the 'userfile' parameter to edit.php to bypass file type validation.
  • Monitor POST requests to edit.php containing a 'userfile' parameter where the uploaded file has a .gif extension but PHP content (e.g., <?php magic bytes absent, PHP tags present).
  • ·The vulnerability affects LabWiki 1.1 and earlier; exploitation requires the attacker to be authenticated.

CVSS provenance

nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.