Intrusion Prevention

TikiWiki.jhot.php.Script.File.Upload.Security.Bypass

Description

This indicates an attack attempt against an unrestricted file-upload vulnerability in jhot.php in TikiWiki.
This vulnerability allows remote attackers to upload arbitrary PHP code via a "filepath" parameter that contains a filename with a .php extension. This can lead to remote command execution.
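
A defender-side check for the request shape described above, as an added example that is not part of the original advisory or of any vendor signature: it flags POST uploads to jhot.php whose "filepath" part carries a filename the server would treat as PHP. It assumes the parameter arrives as a multipart/form-data file part; the extension list, function names and sample requests are constructed for illustration.

```python
import re
from email import message_from_bytes
from urllib.parse import urlsplit

# Assumed list of extensions mapped to the PHP handler; align with your server config.
PHP_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}

def upload_filenames(content_type, body, field="filepath"):
    """Return filenames of multipart parts whose form field name is `field`."""
    raw = b"Content-Type: " + content_type.encode("latin-1") + b"\r\n\r\n" + body
    msg = message_from_bytes(raw)
    if not msg.is_multipart():
        return []
    names = []
    for part in msg.get_payload():
        if part.get_param("name", header="content-disposition") == field:
            filename = part.get_filename()
            if filename:
                names.append(filename)
    return names

def has_php_ext(filename):
    """True if any dot-separated suffix is PHP-handled (case, double extension, NUL, trailing dot)."""
    base = re.split(r"[\\/]", filename)[-1].split("\x00")[0].rstrip(". ").lower()
    return any(seg in PHP_EXTS for seg in base.split(".")[1:])

def flag_request(method, url, content_type, body):
    """Return offending filenames for a POST to jhot.php, else an empty list."""
    path = urlsplit(url).path.lower()
    if method.upper() != "POST" or not path.endswith("/jhot.php"):
        return []
    return [f for f in upload_filenames(content_type, body) if has_php_ext(f)]

def sample_upload(filename, boundary="XbOuNdArY"):
    """Constructed multipart body with a single 'filepath' file part."""
    body = (f"--{boundary}\r\n"
            f'Content-Disposition: form-data; name="filepath"; filename="{filename}"\r\n'
            "Content-Type: application/octet-stream\r\n\r\n"
            f"placeholder\r\n--{boundary}--\r\n").encode()
    return f"multipart/form-data; boundary={boundary}", body

if __name__ == "__main__":
    for name in ("diagram.png", "notes.PhP", "notes.php.jpg"):
        print(name, flag_request("POST", "/tiki/jhot.php", *sample_upload(name)))
```

The double-extension match is deliberately conservative: whether `notes.php.jpg` executes depends on how the web server maps handlers, so treat such hits as items to review rather than confirmed compromise.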

Affected Products

TikiWiki Project TikiWiki 1.9.4
TikiWiki Project TikiWiki 1.9.3 2
TikiWiki Project TikiWiki 1.9.3 1
TikiWiki Project TikiWiki 1.9.2
TikiWiki Project TikiWiki 1.9.1.1
TikiWiki Project TikiWiki 1.9.1
TikiWiki Project TikiWiki 1.9-rc3.1
TikiWiki Project TikiWiki 1.9-rc3
TikiWiki Project TikiWiki 1.9-rc2
TikiWiki Project TikiWiki 1.9-rc1
TikiWiki Project TikiWiki 1.8.5
TikiWiki Project TikiWiki 1.8.4
TikiWiki Project TikiWiki 1.8.3
TikiWiki Project TikiWiki 1.8.2
TikiWiki Project TikiWiki 1.8.1
TikiWiki Project TikiWiki 1.8
TikiWiki Project TikiWiki 1.7.9
TikiWiki Project TikiWiki 1.7.8
TikiWiki Project TikiWiki 1.7.7
TikiWiki Project TikiWiki 1.7.6
TikiWiki Project TikiWiki 1.7.5
TikiWiki Project TikiWiki 1.7.4
TikiWiki Project TikiWiki 1.7.3
TikiWiki Project TikiWiki 1.7.2
TikiWiki Project TikiWiki 1.7.1
TikiWiki Project TikiWiki 1.6.1

Impact

Security bypass, remote command execution.

Recommended Actions

Currently we are not aware of any officially supplied fix for this issue.

CVE References

CVE-2006-4602