TikiWiki Configure Script JHot.PHP Remote Command Execution Vulnerability

info
discussion
exploit
solution
references

TikiWiki Configure Script JHot.PHP Remote Command Execution Vulnerability

TikiWiki is prone to a remote command-execution vulnerability.

Attackers can exploit this issue to execute arbitrary system commands with the privileges of the webserver process.

TikiWiki 1.9.4 and prior versions are vulnerable to these issues; other versions may also be affected.