CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

OpenVAS•added 2023/01/16 12:0 a.m.•17 views

Tiki Wiki CMS Groupware < 18.10, 21.x < 21.8, 24.x < 24.3, 25.0 Multiple CSRF Vulnerabilities

Tiki Wiki CMS Groupware is prone to multiple cross-site request forgery CSRF vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

6.5CVSS6.7AI score0.00123EPSS

Exploits2References2

NVD•added 2023/01/14 1:15 a.m.•10 views

CVE-2023-22852

Tiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-importsheet.php...

6.5CVSS6.5AI score0.00123EPSS

Exploits2References2

OSV•added 2023/01/14 1:15 a.m.•17 views

CVE-2023-22852

Tiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-importsheet.php...

6.5CVSS6.9AI score

Exploits0References2

Prion•added 2023/01/14 1:15 a.m.•13 views

Cross site request forgery (csrf)

Tiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-importsheet.php...

4.3CVSS6.5AI score0.00123EPSS

Exploits2References2Affected Software1

Cvelist•added 2023/01/14 12:0 a.m.•11 views

CVE-2023-22852

Tiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-importsheet.php...

6.7AI score0.00123EPSS

Exploits2References2

CVE•added 2023/01/14 12:0 a.m.•46 views

CVE-2023-22852

CVE-2023-22852 affects Tiki Wiki CMS Groupware. Multiple CSRF vulnerabilities exist in the scripts tiki-importer.php and tiki-import_sheet.php, enabling CSRF attacks on versions prior to 25.0. The issue arises from missing anti-CSRF protections in these entry points. Impact is described as cross-...

6.5CVSS6.4AI score0.00123EPSS

Exploits2References2Affected Software1

seebug.org•added 2014/07/01 12:0 a.m.•10 views

EsContacts 1.0 - importer.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•15 views

AWS XMS 2.5 (importer.php, what param) - Directory Traversal Vulnerability

No description provided by source...

7.1AI score

Exploits0

Exploit DB•added 2008/04/17 12:0 a.m.•17 views

EsContacts 1.0 - 'importer.php?msg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

exploitpack•added 2008/04/17 12:0 a.m.•12 views

EsContacts 1.0 - importer.php?msg Cross-Site Scripting

EsContacts 1.0 - importer.php?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary scri...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by