48 matches found
Tiki Wiki CMS Groupware 5.2 - Local File Inclusion
Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability. id: CVE-2010-4239 info: name: Tiki Wiki CMS Groupware 5.2 - Local File Inclusion author: 0xakoko severity: critical description: Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability...
EUVD-2016-8250
Malware in sbrugna...
📄 Tiki Wiki CMS Groupware 28.3 Server-Side Template Injection
Tiki Wiki CMS Groupware versions 28.3 and below suffer from two server-side template injection vulnerabilities via specially crafted wiki pages. ---------------------------------------------------------------------------------- Tiki Wiki CMS Groupware '" The second vulnerability can be leveraged ...
CVE-2011-4336
Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarfajax.php...
CVE-2010-4239
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion...
Tiki Wiki CMS Groupware < 21.12, 22.0 < 24.8, 25.0 < 27.2, 28.0 < 28.3 Code Injection Vulnerability
Tiki Wiki CMS Groupware is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Tiki Wiki CMS Groupware <= 29.0 Multiple XSS Vulnerabilities
Tiki Wiki CMS Groupware is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Tiki Wiki CMS Groupware < 28.0 Multiple Vulnerabilities
Tiki Wiki CMS Groupware is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
Tiki Wiki CMS Groupware 25.0 Cross Site Request Forgery
------------------------------------------------------------------------------ Tiki Wiki CMS Groupware = 25.0 Two Cross-Site Request Forgery Vulnerabilities ------------------------------------------------------------------------------ - Software Link: https://tiki.org - Affected Versions: Versio...
Tiki Wiki CMS Groupware 24.0 structlib.php Code Execution
-------------------------------------------------------------------------------- Tiki Wiki CMS Groupware = 24.0 structlib.php PHP Code Injection Vulnerability -------------------------------------------------------------------------------- - Software Link: https://tiki.org - Affected Versions:...
Tiki Wiki CMS Groupware Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Tiki Wiki CMS Groupware Cross-Site Scripting Vulnerability (CNVD-2020-35520)
Tiki Wiki CMS Groupware is a Wiki-based open source content management system and online office suite . A cross-site scripting vulnerability exists in php pages in Tiki Wiki CMS Groupware version 20.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data in the...
Tiki Wiki CMS Groupware cross-site scripting vulnerability (CNVD-2019-39359)
Tiki Wiki CMS Groupware is a Wiki-based open source content management system and online office suite . A cross-site scripting vulnerability exists in Tiki Wiki CMS Groupware version 5.2, which stems from a lack of proper validation of client-side data in the web application and can be exploited ...
Cross site request forgery (csrf)
Tiki Wiki CMS Groupware 5.2 has CSRF...
CVE-2010-4240
The CVE-2010-4240 entry concerns Tiki Wiki CMS Groupware 5.2 with a cross-site scripting (XSS) vulnerability. The connected records indicate an XSS flaw arising from insufficient validation of client-side data in the web application, enabling execution of injected script. No exploit details, affe...
Tiki Wiki CMS Groupware < 17.2 SQLi Vulnerability
Tiki Wiki CMS Groupware is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Tiki Wiki CMS Groupware < 18.1 XSS Vulnerability
Tiki Wiki CMS Groupware is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
lib/core/TikiFilter/PreventXss.php in Tiki Wiki CMS Groupware 16.2 allows remote attackers to bypass the XSS filter via padded zero characters, as demonstrated by an attack on tiki-batchsendnewsletter.php...
CVE-2017-9305
lib/core/TikiFilter/PreventXss.php in Tiki Wiki CMS Groupware 16.2 allows remote attackers to bypass the XSS filter via padded zero characters, as demonstrated by an attack on tiki-batchsendnewsletter.php...