Published: 11/04/2004 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allows remote malicious users to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the web server path in an error message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tiki tikiwiki cms\\/groupware 1.6.1
tiki tikiwiki cms\\/groupware

source: wwwsecurityfocuscom/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload t ...

TikiWiki Multiple Vulnerabilities Vendor: TikiWiki Project Product: TikiWiki Version: <= 181 Website: wwwtikiwikiorg/ BID: 10100 CVE: CVE-2004-1923 CVE-2004-1924 CVE-2004-1925 CVE-2004-1926 CVE-2004-1927 CVE-2004-1928 OSVDB: 5181 5182 5183 5184 5185 5186 5187 5188 5189 5190 5191 5192 5193 5194 5195 5196 5197 5198 5199 5200 5201 52 ...

CWE-200 http://tikiwiki.org/tiki-read_article.php?articleId=66 http://www.securityfocus.com/bid/10100 http://secunia.com/advisories/11344 http://marc.info/?l=bugtraq&m=108180073206947&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15847 https://nvd.nist.gov https://www.exploit-db.com/exploits/23952/

CVE-2004-1923

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect