TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload



EKU-ID: 29372 CVE: CVE-2004-1928;OSVDB-5182 OSVDB-ID:
Author: JeiAr Published: 2004-04-12 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/10100/info

Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload.

http://www.example.com/img/wiki_up/filenamehere