Summary
The host is installed with TikiWiki and is prone to input sanitation weakness vulnerability.
Impact
Successful exploitation could allow arbitrary code execution in the context of an affected site.
Impact Level: Application
Solution
Upgrade to version 2.2 or latest
http://info.tikiwiki.org/tiki-index.php?page=Get+Tiki&bl
Insight
The vulnerability is due to input validation error in tiki-error.php which fails to sanitise before being returned to the user.
Affected
TikiWiki CMS/Groupware version prior to 2.2 on all running platform
References
Severity
Classification
-
CVE CVE-2008-5318, CVE-2008-5319 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Archiva Home Page Cross-Site Scripting vulnerability
- Apache Tomcat Login Constraints Security Bypass Vulnerability
- Apache Open For Business HTML injection vulnerability
- Afian 'includer.php' Directory Traversal Vulnerability
- AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities