Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiki tiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1924
Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via via the (1) theme parameter to tiki-switch_theme.php, (2) find and priority parameters to messu...
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
12 EDB exploits
NA
CVE-2004-1925
Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ranking.php,...
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
16 EDB exploits
5.4
CVSSv3
CVE-2018-7290
Cross Site Scripting (XSS) exists in Tiki prior to 12.13, 15.6, 17.2, and 18.1.
Tiki Tikiwiki Cms\\/groupware
Tiki Tikiwiki Cms\\/groupware 18.0
NA
CVE-2004-1927
Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allows remote malicious users to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter.
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
2 EDB exploits
NA
CVE-2004-1928
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allows remote malicious users to upload and possibly execute arbitrary files via the img/wiki_up URL.
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
2 EDB exploits
NA
CVE-2006-6457
tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote malicious users to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
Tiki Tikiwiki Cms\\/groupware 1.9.5
Tiki Tikiwiki Cms\\/groupware 1.9.2
NA
CVE-2010-1133
Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x prior to 4.2 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php.
Tiki Tikiwiki Cms\\/groupware 4.0
Tiki Tikiwiki Cms\\/groupware 4.1
NA
CVE-2010-1135
The user_logout function in TikiWiki CMS/Groupware 4.x prior to 4.2 does not properly delete user login cookies, which allows remote malicious users to gain access via cookie reuse.
Tiki Tikiwiki Cms\\/groupware 4.0
Tiki Tikiwiki Cms\\/groupware 4.1
8.8
CVSSv3
CVE-2018-20719
In Tiki prior to 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter.
Tiki Tikiwiki Cms\\/groupware
6.1
CVSSv3
CVE-2011-4336
Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.
Tiki Tikiwiki Cms\\/groupware
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »