Bug#388122: CVE-2006-4734: tikiwiki arbitrary SQL execution vulnerability

Mon, 18 Sep 2006 11:37:26 -0700 

Package: tikiwiki
Severity: grave
Tags: security
Justification: user security hole

A security issue has been found in tikiwiki:

Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php
in Tikiwiki 1.9.4 allow remote attackers to execute arbitrary SQL
commands via the (1) pid and (2) where parameters.

Please mention the CVE id in the changelog.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to