Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) printpages or (3) printstructures parameter to (a) tiki-print_multi_pages.php or (b) tiki-print_pages.php; or (4) sendpages, (5) sendstructures, or (6) sendarticles parameter to tiki-send_objects.php, which is not properly handled when processed by the unserialize function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tiki Wiki CMS Groupware ‘unserialize()’ 多个PHP代码执行漏洞
Vulnerability Description
Tiki Wiki CMS Groupware是Tiki软件社区的一套开源的内容管理和门户应用程序,它可用于创建Web应用程序、门户网站、企业内部网、外联网等。 Tiki Wiki CMS Groupware中存在多个远程PHP代码执行漏洞。攻击者利用这些漏洞在受影响应用程序上下文中注入和执行任意恶意PHP代码,且有助于操控应用程序和底层系统,也可能存在其他攻击。Tiki Wiki CMS Groupware 8.4之前版本中存在漏洞,其他版本也可能受到影响。
CVSS Information
N/A
Vulnerability Type
N/A