Incomplete blacklist vulnerability in tiki-graph_formula.php in TikiWiki prior to 1.9.8.2 allows remote malicious users to execute arbitrary code by using variable functions and variable variables to write variables whose names match the whitelist, a different vulnerability than CVE-2007-5423.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tiki tikiwiki cms\\/groupware 1.9.7 |
||
tiki tikiwiki cms\\/groupware 1.9.5 |
||
tiki tikiwiki cms\\/groupware 1.9.0 |
||
tiki tikiwiki cms\\/groupware 1.6.1 |
||
tiki tikiwiki cms\\/groupware |
||
tiki tikiwiki cms\\/groupware 1.9.4 |
||
tiki tikiwiki cms\\/groupware 1.9.3 |
||
tiki tikiwiki cms\\/groupware 1.9.2 |
||
tiki tikiwiki cms\\/groupware 1.9.1 |
||
tiki tikiwiki cms\\/groupware 1.9.6 |