6 matches found
CVE-2006-4602
creationtimestamp| type| source ---|---|--- 2010-07-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16885 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/tikiwikijhotexec.rb 2025-02-06 03:13:38+00:00| seen|...
TikiWiki jhot.php Script File Upload Security Bypass (CVE-2006-4602)
TikiWiki, also known as Tiki CMS/Groupware or simply Tiki, is a powerful wiki-based Content Management System CMS which allows users and/or groups of users to manage their data on-line via a web browser. TikiWiki provides numerous features, including Wiki-based Documentation, Groupware, Blogging...
TikiWiki jhot Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'TikiWiki jhot...
Gentoo Security Advisory GLSA 200609-16 (tikiwiki)
The remote host is missing updates announced in advisory GLSA 200609-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
TikiWiki file upload vulnerability (jhot.php)
Added: 09/08/2006 CVE: CVE-2006-4602 BID: 19819 OSVDB: 28456 Background TikiWiki is a multi-purpose web content management system written in PHP. Problem The jhot.php script allows remote attackers to upload arbitrary PHP commands into the img/wiki directory. The commands can then be executed by...
CVE-2006-4602
CVE-2006-4602 affects TikiWiki (jhot.php) prior to/including 1.9.4 Sirius and earlier. Unrestricted file upload allows remote attackers to place a .php file in img/wiki/ and execute arbitrary PHP code. Connected sources document a remote-code-execution risk via jhot.php upload validation flaw; ex...