Nam3Lumo

**Name of the Vulnerable Software and Affected Versions** WikiDocs version 0.1.18 **Description** The issue allows for authenticated remote code execution. An attacker can exploit this by uploading a malicious file using the `image upload form` through the "index.php" endpoint. The `image upload form` is vulnerable to malicious file uploads, which can be used to execute arbitrary code. **Recommendations** For WikiDocs version 0.1.18, consider disabling the image upload functionality through the "index.php" endpoint until a patch is available to prevent exploitation. Restrict access to the image upload form to minimize the risk of remote code execution.

**Name of the Vulnerable Software and Affected Versions** WikiDocs version 0.1.18 **Description** The issue concerns multiple reflected XSS vulnerabilities found on different pages. **Recommendations** For WikiDocs version 0.1.18, update to a version that addresses the reflected XSS vulnerabilities. At the moment, there is no information about a newer version that contains a fix for this vulnerability.