CVE-2002-2106
WikkiTikkiTavi < 0.21 - Remote File Inclusion via TemplateDir Parameter
Title source: manualExploitation Summary
EIP tracks 1 public exploit for CVE-2002-2106. PoCs published by Scott Moonen.
AI-analyzed exploit summary This is a writeup describing a remote file inclusion vulnerability in WikkiTikkiTavi. The vulnerability allows an attacker to include and execute arbitrary PHP scripts from a remote host via a malicious URL request.
Description
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.
Exploits (1)
This is a writeup describing a remote file inclusion vulnerability in WikkiTikkiTavi. The vulnerability allows an attacker to include and execute arbitrary PHP scripts from a remote host via a malicious URL request.