174 matches found
Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting
Tiki Wiki CMS Groupware 7.0 is vulnerable to cross-site scripting via the GET "ajax" parameter to snarfajax.php. id: CVE-2011-4336 info: name: Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting author: pikpikcu severity: medium description: Tiki Wiki CMS Groupware 7.0 is vulnerable to cross-site...
Tiki Wiki CMS GroupWare - Authentication Bypass
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts. id: CVE-2020-15906 info: name: Tiki Wiki CMS GroupWare - Authentication Bypass author: JeonSungHyunnukunga,gy741,oIfloraIo,nechyo,harksu severity: critical description: | tiki-login.php in...
Tiki Wiki CMS Groupware 5.2 - Local File Inclusion
Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability. id: CVE-2010-4239 info: name: Tiki Wiki CMS Groupware 5.2 - Local File Inclusion author: 0xakoko severity: critical description: Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability...
EUVD-2010-4213
Malware in sbrugna...
EUVD-2016-1332
Malware in sbrugna...
EUVD-2020-29796
Malware in sbrugna...
EUVD-2010-4214
Malware in sbrugna...
EUVD-2016-10678
Malware in sbrugna...
EUVD-2017-18083
Malware in sbrugna...
EUVD-2013-4566
Malware in sbrugna...
EUVD-2024-42517
Malicious code in bioql PyPI...
EUVD-2025-21426
Malicious code in bioql PyPI...
EUVD-2025-21425
Malicious code in bioql PyPI...
EUVD-2024-42514
Malicious code in bioql PyPI...
EUVD-2022-4098
Malicious code in bioql PyPI...
EUVD-2024-42520
Malicious code in bioql PyPI...
CVE-2025-34113
An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the viewmode GET parameter in tiki-calendar.php. When the calendar module is enabled and an authenticated user has permission to access it, an attacker can inject and execu...
CVE-2025-34111
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector connector.minimal.php, which allows remote attackers to upload and execute malicious PHP scripts in the context of the web server. The...
CVE-2025-34113
An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the viewmode GET parameter in tiki-calendar.php. When the calendar module is enabled and an authenticated user has permission to access it, an attacker can inject and execu...
CVE-2025-34111
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector connector.minimal.php, which allows remote attackers to upload and execute malicious PHP scripts in the context of the web server. The...