Published: 12/04/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allows remote malicious users to upload and possibly execute arbitrary files via the img/wiki_up URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tiki tikiwiki cms\\/groupware 1.6.1
tiki tikiwiki cms\\/groupware

TikiWiki Multiple Vulnerabilities Vendor: TikiWiki Project Product: TikiWiki Version: <= 181 Website: wwwtikiwikiorg/ BID: 10100 CVE: CVE-2004-1923 CVE-2004-1924 CVE-2004-1925 CVE-2004-1926 CVE-2004-1927 CVE-2004-1928 OSVDB: 5181 5182 5183 5184 5185 5186 5187 5188 5189 5190 5191 5192 5193 5194 5195 5196 5197 5198 5199 5200 5201 52 ...

source: wwwsecurityfocuscom/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload http: ...

CWE-20 http://tikiwiki.org/tiki-read_article.php?articleId=66 http://www.securityfocus.com/bid/10100 http://secunia.com/advisories/11344 http://marc.info/?l=bugtraq&m=108180073206947&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15849 https://nvd.nist.gov https://www.exploit-db.com/exploits/43809/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1928

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect