CVE-2005-0200

TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386.
Configurations

Configuration 1 (hide)

cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://secunia.com/advisories/13948 - () http://secunia.com/advisories/13948 -
References () http://tikiwiki.org/art102 - Patch () http://tikiwiki.org/art102 - Patch
References () http://www.gentoo.org/security/en/glsa/glsa-200501-41.xml - Patch () http://www.gentoo.org/security/en/glsa/glsa-200501-41.xml - Patch

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0200

Mitre link : CVE-2005-0200

CVE.ORG link : CVE-2005-0200


JSON object : View

Products Affected

tiki

  • tikiwiki_cms\/groupware
CWE
CWE-20

Improper Input Validation