TikiWiki.jhot.php.Script.File.Upload.Security.Bypass

Description

This indicates an attack attempt against an unrestricted file-upload vulnerability in jhot.php in TikiWiki.
This vulnerability allows remote attackers to upload arbitrary PHP code via a "filepath" parameter that contains a filename with a .php extension. This can lead to remote command execution.

Affected Products

TikiWiki Project TikiWiki 1.9.4
TikiWiki Project TikiWiki 1.9.3 2
TikiWiki Project TikiWiki 1.9.3 1
TikiWiki Project TikiWiki 1.9.2
TikiWiki Project TikiWiki 1.9.1 .1
TikiWiki Project TikiWiki 1.9.1
TikiWiki Project TikiWiki 1.9 -rc3.1
TikiWiki Project TikiWiki 1.9 -rc3
TikiWiki Project TikiWiki 1.9 -rc2
TikiWiki Project TikiWiki 1.9 -rc1
TikiWiki Project TikiWiki 1.8.5
TikiWiki Project TikiWiki 1.8.4
TikiWiki Project TikiWiki 1.8.3
TikiWiki Project TikiWiki 1.8.2
TikiWiki Project TikiWiki 1.8.1
TikiWiki Project TikiWiki 1.8
TikiWiki Project TikiWiki 1.7.9
TikiWiki Project TikiWiki 1.7.8
TikiWiki Project TikiWiki 1.7.7
TikiWiki Project TikiWiki 1.7.6
TikiWiki Project TikiWiki 1.7.5
TikiWiki Project TikiWiki 1.7.4
TikiWiki Project TikiWiki 1.7.3
TikiWiki Project TikiWiki 1.7.2
TikiWiki Project TikiWiki 1.7.1
TikiWiki Project TikiWiki 1.6.1

Impact

Security bypass, remote command execution.

Recommended Actions

Currently we are not aware of any officially supplied fix for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)