In association with heise online

15 October 2007, 09:16

Update closes TikiWiki holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

An update has been released for TikiWiki to remedy a recently publicised critical vulnerability. The flaw can be exploited to execute arbitrary PHP commands on the server by means of specially crafted URLs. All versions from release 1.9.1 on are affected. The update, release, can be downloaded from the project's website. The update only changes files; it does not update the database. Users can also exchange the file concerned directly: a link to the new file is provided at the Tiki home page. Users of version 1.10 should update their system via CVS.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit