TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure
| EKU-ID: 29376 | CVE: CVE-2004-1923;OSVDB-5187 | OSVDB-ID: |
| Author: JeiAr | Published: 2004-04-12 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 29376 | CVE: CVE-2004-1923;OSVDB-5187 | OSVDB-ID: |
| Author: JeiAr | Published: 2004-04-12 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload. tiki-browse_categories.php?find=&deep=off&parentId=[VID]&offset=[INT]&sort_mode= tiki-browse_categories.php?find=&deep=off&parentId=[VID]&offset=