|
CVE Reference: CVE-2007-5684
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2007-5684
|
|
Description:
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in (1) error_handler_file and (2) local_php parameters to (a) tiki-index.php, or (3) encoded "..%2F" sequences in the imp_language parameter to tiki-imexport_languages.php.
|
|
CVE Status:
Candidate
|
|
References:
CONFIRM
http://info.tikiwiki.org/tiki-read_article.php?articleId=15
BUGTRAQ
http://www.securityfocus.com/archive/1/482801/30/0/threaded
|
|
|
Return to the previous page.
|
