2 matches found
TikiWiki: Multiple vulnerabilities
Background TikiWiki is an open source content management system written in PHP. Description Stefan Esser reported that a previous vulnerability CVE-2007-5423, GLSA 200710-21 was not properly fixed in TikiWiki 1.9.8.1 CVE-2007-5682. The TikiWiki development team also added several checks to avoid...
GLSA-200710-21 : TikiWiki: Arbitrary command execution
The remote host is affected by the vulnerability described in GLSA-200710-21 TikiWiki: Arbitrary command execution ShAnKaR reported that input passed to the 'f' array parameter in tiki-graphformula.php is not properly verified before being used to execute PHP functions. Impact : An attacker could...