5 matches found
TikiWiki Project 1.8 tiki-index.php comments_threshold Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting,...
Directory traversal
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in 1 errorhandlerfile and 2 localphp parameters to a tiki-index.php, or 3 encoded "..%2F" sequences in the implanguage parameter to...
CVE-2007-5684
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in 1 errorhandlerfile and 2 localphp parameters to a tiki-index.php, or 3 encoded "..%2F" sequences in the implanguage parameter to...
CVE-2007-5684
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in 1 errorhandlerfile and 2 localphp parameters to a tiki-index.php, or 3 encoded "..%2F" sequences in the implanguage parameter to...
tikiwiki -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in TikiWiki, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and disclose potentially sensitive information. Input passed to the username parameter in tiki-remindpassword.php when remi...