Debian Security Advisory 1371-1 – Several vulnerabilities have been discovered in phpWiki, a wiki engine written in PHP. It was discovered that phpWiki performs insufficient file name validation, which allows unrestricted file uploads. It was discovered that phpWiki performs insufficient file name validation, which allows unrestricted file uploads. If the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, phpWiki might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/59241/dsa-1371-1.txt
Source: https://packetstormsecurity.com/files/59241/Debian-Linux-Security-Advisory-1371-1.html