CVE-2006-4734

Name of the Vulnerable Software and Affected Versions Tikiwiki version 1.9.4

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved through SQL injection vulnerabilities in the tiki-g-admin processes.php file, specifically via the pid and where parameters.

Recommendations For Tikiwiki version 1.9.4, consider restricting access to the tiki-g-admin processes.php file to minimize the risk of exploitation. Avoid using the pid and where parameters in this file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.