6 matches found
EUVD-2021-23153
Malware in sbrugna...
CVE-2025-34113
An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the viewmode GET parameter in tiki-calendar.php. When the calendar module is enabled and an authenticated user has permission to access it, an attacker can inject and execu...
CVE-2021-36551
TikiWiki v21.4 was discovered to contain a cross-site scripting XSS vulnerability in the component tiki-calendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload under the Add Event module...
CVE-2025-34113
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/tikicalendarexec.rb 2025-10-23 21:13:04+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
Tiki Calendar HTML Injection Vulnerability
Tiki is a suite of open source content management and portal applications from the Tiki software community that can be used to create web applications, portals, intranets, extranets, etc. Calendar is one of the calendar components. A cross-site scripting vulnerability exists in the Calendar...
Tiki Wiki CMS Calendar 6.159.11 LTS12.5 LTS14.2 - Remote Code Execution
Tiki Wiki CMS Calendar 6.159.11 LTS12.5 LTS14.2 - Remote Code Execution Exploit Title: Tiki-Calendar-RCE Google Dork: inurl:tiki-calendar.php Date: 2015-12-16 Exploit Author: Dany Ouellet Vendor Homepage: https://tiki.org/article414-Important-Security-Fix-for-all-versions-of-Tiki Software Link:...