Lucene search
K

2031 matches found

Nuclei
Nuclei
added 5 hours ago34 views

Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting

Tiki Wiki CMS Groupware 7.0 is vulnerable to cross-site scripting via the GET "ajax" parameter to snarfajax.php. id: CVE-2011-4336 info: name: Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting author: pikpikcu severity: medium description: Tiki Wiki CMS Groupware 7.0 is vulnerable to cross-site...

6.1CVSS6.3AI score0.07652EPSS
Exploits1References3
Nuclei
Nuclei
added 5 hours ago61 views

Tiki Wiki CMS Groupware 5.2 - Local File Inclusion

Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability. id: CVE-2010-4239 info: name: Tiki Wiki CMS Groupware 5.2 - Local File Inclusion author: 0xakoko severity: critical description: Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability...

9.8CVSS7AI score0.1343EPSS
Exploits1References5
Nuclei
Nuclei
added 5 hours ago88 views

Tiki Wiki CMS GroupWare - Authentication Bypass

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts. id: CVE-2020-15906 info: name: Tiki Wiki CMS GroupWare - Authentication Bypass author: JeonSungHyunnukunga,gy741,oIfloraIo,nechyo,harksu severity: critical description: | tiki-login.php in...

9.8CVSS7AI score0.27362EPSS
Exploits5References5
NVD
NVD
added 2026/07/05 1:16 p.m.7 views

CVE-2026-14748

A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcpwiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side...

6.5CVSS0.00231EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/05 12:15 p.m.25 views

CVE-2026-14748 AIAnytime Awesome-MCP-Server mcp-wiki/wiki-summary server.py server-side request forgery

A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcpwiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side...

6.5CVSS0.00231EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/05 12:15 p.m.6 views

CVE-2026-14748

A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcpwiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side...

6.5CVSS6.2AI score0.00231EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/05 12:15 p.m.9 views

EUVD-2026-41754

A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcpwiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side...

6.5CVSS5.5AI score0.00231EPSS
Exploits0References8
CVE
CVE
added 2026/07/05 12:15 p.m.15 views

CVE-2026-14748

CVE-2026-14748 affects AIAnytime Awesome-MCP-Server (mcp-wiki/wiki-summary) via server.py in mcp-wiki/wiki-summary: manipulation of the url parameter enables server-side request forgery. Impact is described as network-accessible with low to moderate confidentiality/integrity/availability effects;...

6.5CVSS6.2AI score0.00231EPSS
Exploits0References8
NVD
NVD
added 2026/07/05 8:16 a.m.11 views

CVE-2026-14722

A vulnerability was found in tiddly-gittly TidGi-Desktop up to 0.13.0. This impacts an unknown function of the file src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts of the component Git Repository Import. The manipulation results in code injection. The attack may be performed from...

7.5CVSS0.00315EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 7:30 a.m.33 views

CVE-2026-14722 tiddly-gittly TidGi-Desktop Git Repository Import loadWikiTiddlersWithSubWikis.ts code injection

A vulnerability was found in tiddly-gittly TidGi-Desktop up to 0.13.0. This impacts an unknown function of the file src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts of the component Git Repository Import. The manipulation results in code injection. The attack may be performed from...

7.5CVSS0.00315EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 7:30 a.m.11 views

CVE-2026-14722

A vulnerability was found in tiddly-gittly TidGi-Desktop up to 0.13.0. This impacts an unknown function of the file src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts of the component Git Repository Import. The manipulation results in code injection. The attack may be performed from...

7.5CVSS6.7AI score0.00315EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.13 views

PT-2026-55793

Name of the Vulnerable Software and Affected Versions AIAnytime Awesome-MCP-Server versions up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab Description A flaw in the mcp-wiki/wiki-summary component, specifically within the mcp-wiki/src/mcp wiki/server.py file, allows for server-side request forger...

6.5CVSS6.6AI score0.00231EPSS
Exploits0References11
Circl
Circl
added 2026/07/02 6:35 p.m.13 views

CVE-2026-52854

creationtimestamp| type| source ---|---|--- 2026-07-02 18:35:02+00:00| published-proof-of-concept| https://github.com/ProfessionalWiki/Maps/security/advisories/GHSA-4h7g-5542-v3fc...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/07/02 4:18 p.m.5 views

GHSA-P2FH-F5FC-44HR OpenClaw: memory-wiki ingest could read local files with operator.write scope

Summary memory-wiki ingest could read local files with operator.write scope. In affected versions, a Gateway caller with operator.write access to the plugin tool could read arbitrary local file paths instead of staying within the intended ingest sources. This advisory is scoped to the named featu...

6.5CVSS6.1AI score0.00375EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/02 12:31 p.m.6 views

CVE-2026-58517

A flaw was found in The Wikimedia Foundation Mediawiki - WikiLambda Extension. This vulnerability, caused by improper neutralization of input terminators, allows an attacker to bypass authentication. This could lead to unauthorized access to the system. Mitigation To mitigate this vulnerability,...

9.1CVSS5.7AI score0.00194EPSS
Exploits0References5
CVE
CVE
added 2026/07/01 6:23 p.m.21 views

CVE-2026-58517

CVE-2026-58517 concerns the Wikimedia Foundation’s MediaWiki WikiLambda Extension, with an issue labeled as an improper neutralization of input terminators that enables an authentication bypass. Affected versions are WikiLambda Extension releases prior to 1.43.9, 1.44.6, and 1.45.4. The CVSS 4.0 ...

6.9CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2026-58025

Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/WikiImporter.Php, includes/Import/WikiRevision.Php, includes/Logging/LogEntryBase.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4,...

9.8CVSS0.00503EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:23 p.m.17 views

CVE-2026-58025

CVE-2026-58025 describes a deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki (affected components: includes/Import/WikiImporter.php, includes/Import/WikiRevision.php, includes/Logging/LogEntryBase.php) that affects MediaWiki releases prior to 1.46.0, including 1.45...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:51 p.m.14 views

CVE-2026-58037

MediaWiki up to versions older than 1.46.0 (including 1.45.4, 1.44.6, 1.43.9) is affected by CVE-2026-58037, an XSS in log/locale-related rendering code (files such as includes/Language/Language.php and several LogFormatter classes) that allows improper neutralization of user input during web pag...

6.1CVSS5.8AI score0.0027EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/24 9:16 p.m.9 views

CVE-2026-52808

Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...

7.1CVSS0.00478EPSS
Exploits0References4
Rows per page
Query Builder