ByteOS Network

NVD Vulnerability Details :

CVE-2006-7049

Modified

Source-cve@mitre.org

Published At-24 Feb, 2007 | 00:28

Updated At-23 Apr, 2026 | 00:35

The Method method in WikkaWiki (Wikka Wiki) before 1.1.6.2 calls the strstr and strrpos functions with the wrong argument order, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

wikkawiki>>wikkawiki>>1.1.6.0

cpe:2.3:a:wikkawiki:wikkawiki:1.1.6.0:*:*:*:*:*:*:*

wikkawiki>>wikkawiki>>1.1.6.1

cpe:2.3:a:wikkawiki:wikkawiki:1.1.6.1:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://secunia.com/advisories/20628	cve@mitre.org	Patch Vendor Advisory
http://wikkawiki.org/WikkaReleaseNotes	cve@mitre.org	N/A
http://www.osvdb.org/26543	cve@mitre.org	Patch
http://www.securityfocus.com/bid/18484	cve@mitre.org	Patch
http://www.vupen.com/english/advisories/2006/2381	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27226	cve@mitre.org	N/A
http://secunia.com/advisories/20628	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://wikkawiki.org/WikkaReleaseNotes	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.osvdb.org/26543	af854a3a-2127-422b-91ae-364da2661108	Patch
http://www.securityfocus.com/bid/18484	af854a3a-2127-422b-91ae-364da2661108	Patch
http://www.vupen.com/english/advisories/2006/2381	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27226	af854a3a-2127-422b-91ae-364da2661108	N/A