CVE-2007-5423

Published: Oct 12, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

tiki-graph_formula.php in TikiWiki 1.9.8 allows remote attackers to execute arbitrary code via PHP sequences in the f array parameter, which are processed by create_function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-200710-21

vendor-advisory

x_refsource_GENTOO

ADV-2007-3492

vdb-entry

x_refsource_VUPEN

http://securityvulns.ru/Sdocument162.html

x_refsource_MISC

20071010 Vulnerabilities digest

mailing-list

x_refsource_BUGTRAQ

26006

vdb-entry

x_refsource_BID

27344

third-party-advisory

x_refsource_SECUNIA

http://bugs.gentoo.org/show_bug.cgi?id=195503

x_refsource_MISC

40478

vdb-entry

x_refsource_OSVDB

3216

third-party-advisory

x_refsource_SREASON

tikiwiki-tikigraphformula-command-execution(37076)

vdb-entry

x_refsource_XF

20071011 Tikiwiki 1.9.8 exploit ITW

mailing-list

x_refsource_BUGTRAQ

http://sourceforge.net/project/shownotes.php?release_id=546283&group_id=64258

x_refsource_CONFIRM

http://sourceforge.net/forum/forum.php?forum_id=744898

x_refsource_CONFIRM

4509

exploit

x_refsource_EXPLOIT-DB

27190

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-5423

Description

Affected Products

References