tikiwiki -- multiple vulnerabilities

2006-08-21T00:00:00
ID E4C62ABD-5065-11DB-A5AE-00508D6A62DF
Type freebsd
Reporter FreeBSD
Modified 2006-08-21T00:00:00

Description

Secunia reports:

Thomas Pollet has discovered a vulnerability in TikiWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "highlight" parameter in tiki-searchindex.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

rgod has discovered a vulnerability in TikiWiki, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the "jhot.php" script not correctly verifying uploaded files. This can e.g. be exploited to execute arbitrary PHP code by uploading a malicious PHP script to the "img/wiki" directory.