Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tikiwiki cms groupware vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2011-4336
Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.
Tiki Tikiwiki Cms\\/groupware
1 EDB exploit
6.1
CVSSv3
CVE-2010-4240
Tiki Wiki CMS Groupware 5.2 has XSS
Tiki Tikiwiki Cms\\/groupware 5.2
6.1
CVSSv3
CVE-2016-7394
tiki wiki cms groupware <=15.2 has a xss vulnerability, allow attackers steal user's cookie.
Tiki Tikiwiki Cms\\/groupware
6.1
CVSSv3
CVE-2017-9145
TikiFilter.php in Tiki Wiki CMS Groupware 12.x up to and including 16.x does not properly validate the imgsize or lang parameter to prevent XSS.
Tiki Tikiwiki Cms\\/groupware 12.4
Tiki Tikiwiki Cms\\/groupware 12.5
Tiki Tikiwiki Cms\\/groupware 12.6
Tiki Tikiwiki Cms\\/groupware 12.7
Tiki Tikiwiki Cms\\/groupware 16.0
Tiki Tikiwiki Cms\\/groupware 16.1
Tiki Tikiwiki Cms\\/groupware 16.2
Tiki Tikiwiki Cms\\/groupware 13.2
Tiki Tikiwiki Cms\\/groupware 14.1
Tiki Tikiwiki Cms\\/groupware 15.0
Tiki Tikiwiki Cms\\/groupware 14.0
Tiki Tikiwiki Cms\\/groupware 12.0
Tiki Tikiwiki Cms\\/groupware 12.2
Tiki Tikiwiki Cms\\/groupware 12.9
Tiki Tikiwiki Cms\\/groupware 13.1
Tiki Tikiwiki Cms\\/groupware 15.1
Tiki Tikiwiki Cms\\/groupware 15.3
Tiki Tikiwiki Cms\\/groupware 12.1
Tiki Tikiwiki Cms\\/groupware 12.3
Tiki Tikiwiki Cms\\/groupware 12.8
Tiki Tikiwiki Cms\\/groupware 13.0
Tiki Tikiwiki Cms\\/groupware 15.2
6.1
CVSSv3
CVE-2017-9305
lib/core/TikiFilter/PreventXss.php in Tiki Wiki CMS Groupware 16.2 allows remote malicious users to bypass the XSS filter via padded zero characters, as demonstrated by an attack on tiki-batch_send_newsletter.php.
Tiki Tikiwiki Cms\\/groupware 16.2
6.1
CVSSv3
CVE-2016-9889
Some forms with the parameter geo_zoomlevel_to_found_location in Tiki Wiki CMS 12.x prior to 12.10 LTS, 15.x prior to 15.3 LTS, and 16.x prior to 16.1 don't have the input sanitized, related to tiki-setup.php and article_image.php. The impact is XSS.
Tiki Tikiwiki Cms\\/groupware 16.0
Tiki Tikiwiki Cms\\/groupware 15.2
Tiki Tikiwiki Cms\\/groupware 12.5
Tiki Tikiwiki Cms\\/groupware 12.4
Tiki Tikiwiki Cms\\/groupware 12.3
Tiki Tikiwiki Cms\\/groupware 12.9
Tiki Tikiwiki Cms\\/groupware 12.8
Tiki Tikiwiki Cms\\/groupware 12.0
Tiki Tikiwiki Cms\\/groupware 15.1
Tiki Tikiwiki Cms\\/groupware 15.0
Tiki Tikiwiki Cms\\/groupware 12.2
Tiki Tikiwiki Cms\\/groupware 12.1
Tiki Tikiwiki Cms\\/groupware 12.7
Tiki Tikiwiki Cms\\/groupware 12.6
5.4
CVSSv3
CVE-2021-36551
TikiWiki v21.4 exists to contain a cross-site scripting (XSS) vulnerability in the component tiki-calendar.php. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload under the Add Event module.
Tiki Tikiwiki Cms\\/groupware 21.4
5.4
CVSSv3
CVE-2021-36550
TikiWiki v21.4 exists to contain a cross-site scripting (XSS) vulnerability in the component tiki-browse_categories.php. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload under the Create category module.
Tiki Tikiwiki Cms\\/groupware 21.4
5.4
CVSSv3
CVE-2019-15314
tiki/tiki-upload_file.php in Tiki 18.4 allows remote malicious users to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI.
Tiki Tikiwiki Cms\\/groupware 18.4
5.4
CVSSv3
CVE-2018-14849
Tiki prior to 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.
Tiki Tikiwiki Cms\\/groupware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »