Show filters
13 Total Results
Displaying 1-10 of 13
Sort by:
Attacker Value
Unknown

CVE-2008-3654

Disclosure Date: August 13, 2008 (last updated October 04, 2023)
Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows attackers to obtain "path and PHP configuration" via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2008-3653

Disclosure Date: August 13, 2008 (last updated October 04, 2023)
Multiple unspecified vulnerabilities in TikiWiki CMS/Groupware before 2.0 have unknown impact and attack vectors.
0
0
Attacker Value
Unknown

CVE-2007-6529

Disclosure Date: December 27, 2007 (last updated October 04, 2023)
Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.
0
0
Attacker Value
Unknown

CVE-2007-6526

Disclosure Date: December 27, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via the area_name parameter.
0
0
Attacker Value
Unknown

CVE-2007-6528

Disclosure Date: December 27, 2007 (last updated October 04, 2023)
Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter.
0
0
Attacker Value
Unknown

CVE-2007-5683

Disclosure Date: October 26, 2007 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to the password reminder page (tiki-remind_password.php), (2) IMG tags in wiki pages, and (3) the local_php parameter to db/tiki-db.php.
0
0
Attacker Value
Unknown

CVE-2007-5684

Disclosure Date: October 26, 2007 (last updated October 04, 2023)
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in (1) error_handler_file and (2) local_php parameters to (a) tiki-index.php, or (3) encoded "..%2F" sequences in the imp_language parameter to tiki-imexport_languages.php.
0
0
Attacker Value
Unknown

CVE-2007-5682

Disclosure Date: October 26, 2007 (last updated October 04, 2023)
Incomplete blacklist vulnerability in tiki-graph_formula.php in TikiWiki before 1.9.8.2 allows remote attackers to execute arbitrary code by using variable functions and variable variables to write variables whose names match the whitelist, a different vulnerability than CVE-2007-5423.
0
0
Attacker Value
Unknown

CVE-2006-6168

Disclosure Date: November 29, 2006 (last updated October 04, 2023)
tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger "notification-spam" via certain vectors such as a comma-separated list of addresses in the email field, related to lack of "a minimal check on email."
0
0
Attacker Value
Unknown

CVE-2006-6163

Disclosure Date: November 29, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters.
0
0
View More Topics  Next >