Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2012-3996

Published: 12/07/2012 Updated: 24/10/2012
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 510
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Tikiwiki Cms\/groupware

Vulnerability Summary

TikiWiki CMS/Groupware 8.3 and previous versions allows remote malicious users to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.

Vulnerable Product Search on Vulmon Subscribe to Product

tiki tikiwiki cms\\/groupware 7.2

tiki tikiwiki cms\\/groupware 7.0

tiki tikiwiki cms\\/groupware 5.0

tiki tikiwiki cms\\/groupware 4.1

tiki tikiwiki cms\\/groupware 3.3

tiki tikiwiki cms\\/groupware 3.5

tiki tikiwiki cms\\/groupware 6.1

tiki tikiwiki cms\\/groupware 6.0

tiki tikiwiki cms\\/groupware 5.3

tiki tikiwiki cms\\/groupware 5.2

tiki tikiwiki cms\\/groupware 2.2

tiki tikiwiki cms\\/groupware

tiki tikiwiki cms\\/groupware 8.1

tiki tikiwiki cms\\/groupware 8.0

tiki tikiwiki cms\\/groupware 4.0

tiki tikiwiki cms\\/groupware 4

tiki tikiwiki cms\\/groupware 3.1

tiki tikiwiki cms\\/groupware 3.0

tiki tikiwiki cms\\/groupware 7.1

tiki tikiwiki cms\\/groupware 6.2

tiki tikiwiki cms\\/groupware 5.1

tiki tikiwiki cms\\/groupware 4.2

tiki tikiwiki cms\\/groupware 3.2

tiki tikiwiki cms\\/groupware 3.4

Exploits

Exploit DB: Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution
<?php /* ----------------------------------------------------------------- Tiki Wiki CMS Groupware <= 83 "unserialize()" PHP Code Execution ----------------------------------------------------------------- author: Egidio Romano aka EgiX mail: n0b0d13s[at]gmail[dot]com software link: htt ...
Exploit DB: Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution (Metasploit)
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit ...

References

CWE-200http://info.tiki.org/article191-Tiki-Releases-8-4http://www.osvdb.org/83533http://www.exploit-db.com/exploits/19573http://archives.neohapsis.com/archives/bugtraq/2012-07/0020.htmlhttp://www.exploit-db.com/exploits/19630http://dev.tiki.org/item4109http://info.tiki.org/article190-Tiki-Wiki-CMS-Groupware-Updates-Tiki-6-7-LTShttps://nvd.nist.govhttps://www.exploit-db.com/exploits/19573/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook