SHARE
CORE IMPACT v12 - Exploits Update (Tue Dec 06 2011)
Tikiwiki jhot Remote Code Execution Exploit
Exploits/Remote [Solaris]
Tue Dec 06 2011
An unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 Sirius and earlier allows remote attackers to execute arbitrary PHP code via a filepath parameter that contains a filename with a .php extension, which is uploaded to the img/wiki/ directory.
Exploits Vulnerabiltiy: CVE-2006-4602