CVE-2006-5702 – TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure
https://notcve.org/view.php?id=CVE-2006-5702
Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages. Tikiwiki 1.9.5 permite a un atacante remoto obtener información sensible (nombre de usuario de MySQL y contraseña) a través de un parámetro vacío sort_mode en (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, y (21) tiki-webmail_contacts.php,lo cual revela la información en ciertos mensajes de error de la base de datos. • https://www.exploit-db.com/exploits/2701 http://secunia.com/advisories/22678 http://secunia.com/advisories/23039 http://security.gentoo.org/glsa/glsa-200611-11.xml http://securityreason.com/securityalert/1816 http://www.securityfocus.com/archive/1/450268/100/0/threaded http://www.securityfocus.com/bid/20858 http://www.vupen.com/english/advisories/2006/4316 https://exchange.xforce.ibmcloud.com/vulnerabilities/29960 https://web.archive.org/web/20080211225557/http://secunia.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2006-4734
https://notcve.org/view.php?id=CVE-2006-4734
Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php in Tikiwiki 1.9.4 allow remote attackers to execute arbitrary SQL commands via the (1) pid and (2) where parameters. Múltiples vulnerabilidades de inyección SQL en tiki-g-admin_processes.php en Tikiwiki 1.9.4 permiten a atacantes remotos ejecutar comandos SQL de su elección mediante los parámetros (1) pid y (2) where. • http://securityreason.com/securityalert/1544 http://tikiwiki.cvs.sourceforge.net/tikiwiki/tiki/tiki-g-admin_processes.php?view=log http://www.hackers.ir/advisories/tikiwiki.html http://www.securityfocus.com/archive/1/445790/100/0/threaded http://www.securityfocus.com/bid/19947 https://exchange.xforce.ibmcloud.com/vulnerabilities/28869 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2006-4602 – TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution
https://notcve.org/view.php?id=CVE-2006-4602
Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 Sirius and earlier allows remote attackers to execute arbitrary PHP code via a filepath parameter that contains a filename with a .php extension, which is uploaded to the img/wiki/ directory. Vulnerabilidad de actualización de fichero no restringida en jhot.php en TikiWiki 1.9.4 Sirius y anteriores, permite a un atacante remoto ejecutar código PHP de su elección a través del parámetro filepath que contiene un nombre de fichero con una extensión .php, lo cual es actualizado en el directorio img/wiki/. TikiWiki contains a flaw that may allow a malicious user to execute arbitrary PHP code. The issue is triggered due to the jhot.php script not correctly verifying uploaded files. It is possible that the flaw may allow arbitrary PHP code execution by uploading a malicious PHP script resulting in a loss of integrity. • https://www.exploit-db.com/exploits/2288 https://www.exploit-db.com/exploits/16885 http://isc.sans.org/diary.php?storyid=1672 http://secunia.com/advisories/21733 http://secunia.com/advisories/22100 http://security.gentoo.org/glsa/glsa-200609-16.xml http://tikiwiki.org/tiki-read_article.php?articleId=136 http://www.osvdb.org/28456 http://www.securityfocus.com/bid/19819 http://www.vupen.com/english/advisories/2006/3450 http://web.archive.org/web/20061013183145/http& •
CVE-2006-4299
https://notcve.org/view.php?id=CVE-2006-4299
Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in TikiWiki 1.9.4 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en tiki-searchindex.php en TikiWiki 1.9.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro highlight. NOTA: los detalles se han obtenido de información de terceros. • http://secunia.com/advisories/21536 http://secunia.com/advisories/22100 http://security.gentoo.org/glsa/glsa-200609-16.xml http://www.osvdb.org/28071 http://www.securityfocus.com/bid/19654 http://www.vupen.com/english/advisories/2006/3351 https://exchange.xforce.ibmcloud.com/vulnerabilities/28498 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-3047
https://notcve.org/view.php?id=CVE-2006-3047
Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en TikiWiki v1.9.3.2 y versiones anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores de ataque desconocidos • http://secunia.com/advisories/20648 http://secunia.com/advisories/20850 http://securityreason.com/securityalert/1102 http://sourceforge.net/project/shownotes.php?group_id=64258&release_id=423840 http://www.gentoo.org/security/en/glsa/glsa-200606-29.xml http://www.securityfocus.com/archive/1/437017/100/0/threaded http://www.securityfocus.com/bid/18421 http://www.vupen.com/english/advisories/2006/2349 https://exchange.xforce.ibmcloud.com/vulnerabilities/27145 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •