Sha0

**Name of the Vulnerable Software and Affected Versions** TikiWiki versions prior to 1.9.9 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by modifying the filename in the `movie` parameter with a .. (dot dot) sequence. **Recommendations** For versions prior to 1.9.9, update to version 1.9.9 or later to resolve the issue.