Lucene search
MitreCVELIST:CVE-2006-4602HistorySep 07, 2006 - 12:00 a.m.
CVE-2006-4602
2006-09-0700:00:00
mitre
www.cve.org
Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 Sirius and earlier allows remote attackers to execute arbitrary PHP code via a filepath parameter that contains a filename with a .php extension, which is uploaded to the img/wiki/ directory.
References
isc.sans.org/diary.php?storyid=1672
secunia.com/advisories/21733
secunia.com/advisories/22100
security.gentoo.org/glsa/glsa-200609-16.xml
tikiwiki.org/tiki-read_article.php?articleId=136
www.osvdb.org/28456
www.securityfocus.com/bid/19819
www.vupen.com/english/advisories/2006/3450
www.exploit-db.com/exploits/2288
Related
saint
saint
TikiWiki file upload vulnerability (jhot.php)
2006-09-08 00:00:00
TikiWiki file upload vulnerability (jhot.php)
2006-09-08 00:00:00
TikiWiki file upload vulnerability (jhot.php)
2006-09-08 00:00:00
cve
cve
CVE-2006-4602
2006-09-07 00:04:00
packetstorm
packetstorm
TikiWiki jhot Remote Command Execution
2009-10-30 00:00:00
nessus
nessus
TikiWiki jhot.php Arbitrary File Upload
2006-09-04 00:00:00
GLSA-200609-16 : Tikiwiki: Arbitrary command execution
2006-09-27 00:00:00
checkpoint_advisories
checkpoint_advisories
TikiWiki jhot.php Script File Upload Security Bypass (CVE-2006-4602)
2010-01-24 00:00:00
nvd
nvd
CVE-2006-4602
2006-09-07 00:04:00
openvas
openvas
Tiki Wiki CMS Groupware jhot.php RCE Vulnerability
2012-08-22 00:00:00
Gentoo Security Advisory GLSA 200609-16 (tikiwiki)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200609-16 (tikiwiki)
2008-09-24 00:00:00
freebsd
freebsd
tikiwiki -- multiple vulnerabilities
2006-08-21 00:00:00
gentoo
gentoo
Tikiwiki: Arbitrary command execution
2006-09-26 00:00:00