Tiki Wiki CMS Groupware 8.1 / 6.4 LTS Cross Site Scripting

Advisory: Tiki Wiki CMS Groupware Stored Cross-Site-Scripting Advisory ID: INFOSERVE-ADV2011-07 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Tiki 8.1 & 6.4 LTS affects all current releases Vendor URL: http://info.tiki.org/ Vendor Status: fixed...

Tiki Wiki CMS Groupware 8.1 - 'show_errors' HTML Injection

source: https://www.securityfocus.com/bid/51128/info Tiki Wiki CMS Groupware is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the...

tikiwiki -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in TikiWiki, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and disclose potentially sensitive information. Input passed to the username parameter in tiki-remindpassword.php when remi...

Multiple XSS Vulnerabilities in Tikiwiki 1.9.x

Multiple XSS Vulnerabilities in Tikiwiki 1.9.x Discovered by Blwood http://www.blwood.net Public ------------- Tiki-lastchanges http://www.site.com/tiki-lastchanges.php?days=3&offset=223E3Cscr3Cscript3Eipt3Ealert'Blwood'3C/scr3C/script3Eipt3E...