This Metasploit module exploits a file upload vulnerability in Tiki Wiki versions 15.1 and below which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The issue lies in one of the third-party components, elFinder version 2.0. This component ships with a default example page which demonstrates file operations such as upload, remove, rename, and create directory. The default configuration does not enforce validations such as file extension or content-type checks. Thus, an unauthenticated user can upload a PHP file. The exploit has been tested on Debian 8.x 64-bit and Tiki Wiki 15.1.
f88afc6f681b7accefabd167d71cdc67a68314ed8f27fa9389816223e5aa4fb6
MindTouch Deki Wiki version 10.1.3 suffers from local file inclusion and remote file inclusion vulnerabilities.
1f4ca7a634bd64462aadf58174a71b966947d403044fd5518e0962fbeee6c17a
Secunia Security Advisory - Secunia Research has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
47a76f37dddcb906d549b86ea166e660e939cb8fc5c91cf36d9e84456224bb63
This Metasploit module exploits a PHP unserialize() vulnerability in Tiki Wiki <= 8.3 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The dangerous unserialize() exists in the 'tiki-print_multi_pages.php' script, which is called with user-controlled data from the 'printpages' parameter. The exploit abuses the __destruct() method from the Zend_Pdf_ElementFactory_Proxy class to write arbitrary PHP code to a file in the Tiki Wiki web directory. To run successfully, three conditions must be satisfied: (1) the display_errors PHP setting must be On to disclose the filesystem path of Tiki Wiki, (2) the Tiki Wiki Multiprint feature must be enabled to exploit the unserialize(), and (3) a PHP version older than 5.3.4 must be used to allow poison null bytes in filesystem-related functions. The exploit has been tested successfully on Ubuntu 9.10 and Tiki Wiki 8.3.
04e6daabf6b6a5dba1b8fa576bc4f910b4df1c7b90652847142a832796744523
Tiki Wiki CMS Groupware versions 8.3 and below suffer from an unserialize() PHP code execution vulnerability.
1131c8a6485c082585a271f33d7953e4f5c4c0779bc61c2352ed14fa8c3a700a
This is the HTML code used for the Wikiboat automated distributed denial of service tool.
69387a4ae6f8a662b4fce340b25dca7da73b81267665ab3e88b9f91f4edb4dc4
Gentoo Linux Security Advisory 201206-9 - Multiple vulnerabilities have been found in MediaWiki, the worst of which leads to remote execution of arbitrary code. Versions less than 1.18.2 are affected.
2ae3bc72ec6a16c6837ec41edc36fb76dded93cd54de24920dc77b2d2a0cb4d6
Secunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
456ba7425881e8b57ec14caa266aff30694202c2b4228197de0785144ed1a06f
Secunia Security Advisory - Two vulnerabilities have been reported in ikiwiki, which can be exploited by malicious users to conduct script insertion attacks.
d966a6be04dac70e70211ef292ac27896ec608691f3211d49a10228e953d9a8d
Secunia Security Advisory - Debian has issued an update for ikiwiki. This fixes two vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks.
49c531e70a9499592a64cd1880710ed562e3b47013d2b35c15ed3ec894a1fbc9
Debian Linux Security Advisory 2474-1 - Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.
a77c6364ff42f6e4ec36b1b89e3dd029f590700100d32902704980fbb69b522d
This Metasploit module exploits a vulnerability found in WikkaWiki. When the spam logging feature is enabled, it is possible to inject PHP code into the spam log file via the User-Agent header, and then request it to execute our payload. There are at least three different ways to trigger spam protection; this module does so by generating 10 fake URLs in a comment (by default, the max_new_comment_urls parameter is 6). Please note that in order to use the injection, you must first manually pick a page that allows you to add a comment, and then set it as 'PAGE'.
979dd7941c1071466332c8564dba032aa510362e1fb22f874339cf269936c50e
DokuWiki version 2012/01/25 suffers from cross site request forgery and cross site scripting vulnerabilities.
65f9c5fa6df169096268a3322d42c2a804c57e0e191fa90806551a8ae0aba88b
Secunia Security Advisory - Khashayar Fereidani has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
1fb33f2da39d64e6baefc0408ce47a7f6c0a455a7a9a24341b0b3184ee036607
Secunia Security Advisory - Sooraj K.S has discovered a vulnerability in JAMWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
547ef8aba02eb92eb63ad1c85eeff8de65325bb1b719e630f6dd299ad4d2fb0c
JAMWiki version 1.1.4 suffers from a reflective cross site scripting vulnerability.
3a434a12f95e083d4e37bd69a090f4a82a49d407c4756262d732f4e0e3f3a399
Secunia Security Advisory - Multiple vulnerabilities have been reported in MediaWiki, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose potentially sensitive information and conduct cross-site request forgery attacks.
40cac0176262c31007d87ef3b3a701c2a6803731e804aab7bb85ec72bb643cd9
Wikidforum version 2.10 suffers from cross site scripting and remote SQL injection vulnerabilities.
fd71c519d26a290071368eb97558a826690b477e648a09a2181602c451e98048
Secunia Security Advisory - Sony has discovered a vulnerability in MoniWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
369ecc123ce83378a3976209246398880a3ee6b1a3c6e4b49cde9d3dfec667ab
Secunia Security Advisory - Sony has discovered a vulnerability in Tiki Wiki CMS/Groupware, which can be exploited by malicious people to conduct cross-site scripting attacks.
b534a7a979b7a1b287caf7f3e7c713b5b23c682819b5264825cdb9ae067b1cb1
Wiki Spot suffers from a cross site scripting vulnerability.
4d2b2779ee8292f917098041a48c19cf8e54bd1d6439bb1e92a49ed8615e3b03
Tiki Wiki CMS Groupware suffers from a frame inclusion vulnerability.
05720d1da49c07e5b6c22ca7d008fc4d76b707bf99890daa696a95820a56dbda
MoniWiki suffers from a cross site scripting vulnerability.
799d18c12ae2a2c3f0d81953eb3ec54b6c09726f6d2da8c50c5328adbd2d3a9b
AtWiki suffers from a cross site scripting vulnerability.
6dbf7267b0c15f6b6589d7aa897b6c7090c0153ec2b7fb5c2d39479c077bb467
ButorWiki version 3.0.0 suffers from a cross site scripting vulnerability.
bda14c1fa1703b593fc2b9c3aafb3b0d9488efc4242e2f03752e57b754c128f7
JaWiki suffers from a cross site scripting vulnerability.
7467a36a300624866ddd5674bfc5015c3582e4a62c16ba5506e7a9e544a0ca6d