Tiki Wiki CMS Groupware 'unserialize()' Multiple PHP Code Execution Vulnerabilities Network Vulnerability

Summary

Tiki Wiki CMS Groupware is prone to multiple remote PHP code- execution vulnerabilities. An attacker can exploit these issues to inject and execute arbitrary malicious PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system other attacks are also possible. Tiki Wiki CMS Groupware 8.3 is vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for details.

References

http://www.securityfocus.com/bid/54298

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0911

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Advantech WebAccess Multiple Vulnerabilities
admin.cgi overflow
3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
AWStats Totals 'sort' Parameter Remote Command Execution Vulnerabilities

Take action and discover your vulnerabilities