Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tikiwiki cms groupware vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2006-5703
Cross-site scripting (XSS) vulnerability in tiki-featured_link.php in Tikiwiki 1.9.5 allows remote malicious users to inject arbitrary web script or HTML via a url parameter that evades filtering, as demonstrated by a parameter value containing malformed, nested SCRIPT elements.
Tiki Tikiwiki Cms\\/groupware 1.9.5
1 EDB exploit
383
VMScore
CVE-2006-6162
Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php in TikiWiki 1.9.6 allows remote malicious users to inject arbitrary web script or HTML via the pageAlias parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third...
Tiki Tikiwiki Cms\\/groupware 1.9.6
312
VMScore
CVE-2018-7303
The Calendar component in Tiki 17.1 allows HTML injection.
Tiki Tikiwiki Cms\\/groupware 17.1
605
VMScore
CVE-2020-29254
TikiWiki 21.2 allows templates to be edited without CSRF protection. This could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient CSRF...
Tiki Tikiwiki Cms\\/groupware 21.2
1 Github repository
383
VMScore
CVE-2010-4240
Tiki Wiki CMS Groupware 5.2 has XSS
Tiki Tikiwiki Cms\\/groupware 5.2
445
VMScore
CVE-2009-1204
Cross-site scripting (XSS) vulnerability in TikiWiki (Tiki) CMS/Groupware 2.2 allows remote malicious users to inject arbitrary web script or HTML via the PHP_SELF portion of a URI to (1) tiki-galleries.php, (2) tiki-list_file_gallery.php, (3) tiki-listpages.php, and (4) tiki-orp...
Tiki Tikiwiki Cms\\/groupware 2.2
3 EDB exploits
312
VMScore
CVE-2021-36550
TikiWiki v21.4 exists to contain a cross-site scripting (XSS) vulnerability in the component tiki-browse_categories.php. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload under the Create category module.
Tiki Tikiwiki Cms\\/groupware 21.4
760
VMScore
CVE-2007-5423
tiki-graph_formula.php in TikiWiki 1.9.8 allows remote malicious users to execute arbitrary code via PHP sequences in the f array parameter, which are processed by create_function.
Tiki Tikiwiki Cms\\/groupware 1.9.8
2 EDB exploits
585
VMScore
CVE-2012-5321
tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote malicious users to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection."
Tiki Tikiwiki Cms\\/groupware 8.3
1 EDB exploit
668
VMScore
CVE-2010-4239
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
Tiki Tikiwiki Cms\\/groupware 5.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »