RSS   Vulnerabilities for 'Wikkitikkitavi'   RSS

2009-02-16
 
CVE-2009-0602

CWE-20
 

 
Unrestricted file upload vulnerability in upload.php in WikkiTikkiTavi 1.11 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.

 
2002-12-31
 
CVE-2002-2106

CWE-Other
 

 
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top