Short Name |
HTTP:PHP:TIKIWIKI-CMD-EXEC |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
TikiWiki Upload PHP Command Execution |
Release Date |
2005/07/26 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects an attempt to exploit a known vulnerability against the TikiWiki CMS server application. A maliciously crafted file uploaded to the TikWiki CMS server application, can allow an attacker to execute arbitrary code within the context of the Web server's permissions.
Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload.