Bugtraq mailing list archives
CVE-2016-10143: Vulnerability to read arbitrary files in "Tiki Wiki"
From: Leon.Zhao.7 () gmail com
Date: Fri, 10 Mar 2017 09:26:16 GMT
Credits =============== Zhao Liang, Huawei Weiran Labs Vendor: =============== Tiki Product: ======================== Tiki Wiki CMS The Tiki Wiki CMS Groupware project (aka TikiWiki or Tiki) is an open source initiative that releases and maintains a powerful OpenSource Content Management System (CMS) and Groupware called Tiki. Vulnerability Type: ================================ Access Validation Error CVE Reference: ============== CVE-2016-10143 Vulnerability Details: ===================== This vulnerability allows remote users to read arbitrary files on a targeted system via a crafted pathname in the banner URL field of Tiki Wiki. Exploitation Technique: ======================= Remote Severity Level: =============== High Best Regards, Zhao Liang, Huawei Weiran Labs
Current thread:
- CVE-2016-10143: Vulnerability to read arbitrary files in "Tiki Wiki" Leon . Zhao . 7 (Mar 10)