CVE-2002-2106 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2002-2106

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.

Affected Software

Name	Vendor	Start Version	End Version
Wikkitikkitavi	Wikkitikkitavi	0.5 (including)	0.5 (including)
Wikkitikkitavi	Wikkitikkitavi	0.10 (including)	0.10 (including)
Wikkitikkitavi	Wikkitikkitavi	0.20 (including)	0.20 (including)

References

http://securitytracker.com/id?1003307
http://sourceforge.net/mailarchive/message.php?msg_id=185752
http://www.securityfocus.com/bid/3946
https://exchange.xforce.ibmcloud.com/vulnerabilities/8001