Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allows remote malicious users to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the web server path in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tiki tikiwiki cms\\/groupware 1.6.1 |
||
tiki tikiwiki cms\\/groupware |