Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026
CVE-2002-2106
CVE-2002-2106
Description
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:wikkitikkitavi:wikkitikkitavi:0.10:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:wikkitikkitavi:wikkitikkitavi:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:wikkitikkitavi:wikkitikkitavi:0.20:*:*:*:*:*:*:*
- cpe:2.3:a:wikkitikkitavi:wikkitikkitavi:0.5:*:*:*:*:*:*:*
- (no CPE)range: <0.21
Patches
Vulnerability mechanics
References
4- securitytracker.com/idnvdExploitPatch
- sourceforge.net/mailarchive/message.phpnvdExploitVendor Advisory
- www.securityfocus.com/bid/3946nvdExploitPatch
- exchange.xforce.ibmcloud.com/vulnerabilities/8001nvd
News mentions
0No linked articles in our index yet.