Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2012-0911

๐Ÿ—“๏ธย 12 Jul 2012ย 19:03:55Reported byย mitreTypeย 
cve
ย cve๐Ÿ”—ย web.nvd.nist.gov๐Ÿ‘ย 124ย Views๐ŸŒ WEB

TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object

Show more

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution
4 Jul 201200:00
โ€“zdt
0day.today		Tiki Wiki <= 8.3 unserialize() PHP Code Execution
9 Jul 201200:00
โ€“zdt
Metasploit		Tiki Wiki unserialize() PHP Code Execution
5 Jul 201218:58
โ€“metasploit
NVD		CVE-2012-0911
12 Jul 201219:55
โ€“nvd
Packet Storm		Tiki Wiki <= 8.3 unserialize() PHP Code Execution
6 Jul 201200:00
โ€“packetstorm
Packet Storm		Tiki Wiki CMS Groupware 8.3 Code Execution
4 Jul 201200:00
โ€“packetstorm
seebug.org		Tiki Wiki CMS Groupware 'unserialize()' PHPไปฃ็ ๆ‰ง่กŒๆผๆดž
6 Jul 201200:00
โ€“seebug
seebug.org		Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution
1 Jul 201400:00
โ€“seebug
Exploit DB		Tiki Wiki CMS Groupware 8.3 - &#039;Unserialize()&#039; PHP Code Execution
4 Jul 201200:00
โ€“exploitdb
Exploit DB		Tiki Wiki CMS Groupware 8.3 - &#039;Unserialize()&#039; PHP Code Execution (Metasploit)
9 Jul 201200:00
โ€“exploitdb
Rows per page
Nvd
Node
tikitikiwiki_cms/groupwareRange<6.7lts
OR
tikitikiwiki_cms/groupwareRange<8.4-
ParameterPositionPathDescriptionCWE
printpagesrequest bodytiki-print_multi_pages.phpThis endpoint allows arbitrary PHP code execution via user-controlled input passed to unserialize function.CWE-502
printpagesrequest bodytiki-print_pages.phpThis endpoint allows arbitrary PHP code execution via user-controlled input passed to unserialize function.CWE-502
printstructuresrequest bodytiki-print_pages.phpThis endpoint allows arbitrary PHP code execution via user-controlled input passed to unserialize function.CWE-502
sendpagesrequest bodytiki-send_objects.phpThis endpoint allows arbitrary PHP code execution via user-controlled input passed to unserialize function.CWE-502
sendstructuresrequest bodytiki-send_objects.phpThis endpoint allows arbitrary PHP code execution via user-controlled input passed to unserialize function.CWE-502
sendarticlesrequest bodytiki-send_objects.phpThis endpoint allows arbitrary PHP code execution via user-controlled input passed to unserialize function.CWE-502
cookieNamerequest bodylib/banners/bannerlib.phpThis endpoint allows arbitrary PHP code execution via user-controlled input passed to unserialize function.CWE-502

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
12 Jul 2012 19:55Current
9.5High risk
Vulners AI Score9.5
CVSS27.5
CVSS39.8
EPSS0.77945
CWE-502
cve-2012-0911tikiwikicmsgroupwareremote code executionphpunserializesecurity vulnerability
124
.json
Report