FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|
| e4c62abd-5065-11db-a5ae-00508d6a62df | tikiwiki -- multiple vulnerabilities
Secunia reports:
Thomas Pollet has discovered a vulnerability in TikiWiki,
which can be exploited by malicious people to conduct
cross-site scripting attacks.
Input passed to the "highlight" parameter in
tiki-searchindex.php is not properly sanitised before being
returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session
in context of an affected site.
rgod has discovered a vulnerability in TikiWiki, which can
be exploited by malicious people to compromise a vulnerable
system.
The vulnerability is caused due to the "jhot.php" script
not correctly verifying uploaded files. This can e.g. be
exploited to execute arbitrary PHP code by uploading a
malicious PHP script to the "img/wiki" directory.
Discovery 2006-08-21
Entry 2006-09-30
tikiwiki
< 1.9.5
19654
19819
CVE-2006-4299
CVE-2006-4602
http://secunia.com/advisories/21536/
http://secunia.com/advisories/21733/
|