MidnightBSD

Advisories for tiki

CVE-2004-1386 HIGH

TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2004-1923 MEDIUM

Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the web server path in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.6.1
tiki tikiwiki_cms/groupware *
CVE-2004-1924 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via via the (1) theme parameter to tiki-switch_theme.php, (2) find and priority parameters to messu-mailbox.php, (3) flag, priority, flagval, sort_mode, or find parameters to messu-read.php, (4) articleId parameter to tiki-read_article.php, (5) parentId parameter to tiki-browse_categories.php, (6) comments_threshold parameter to tiki-index.php (7) articleId parameter to tiki-print_article.php, (8) galleryId parameter to tiki-list_file_gallery.php, (9) galleryId parameter to tiki-upload_file.php, (10) faqId parameter to tiki-view_faq.php, (11) chartId parameter to tiki-view_chart.php, or (12) surveyId parameter to tiki-survey_stats_survey.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.6.1
tiki tikiwiki_cms/groupware *
CVE-2004-1925 HIGH

Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ranking.php, (4) tiki-browse_categories.php, (5) tiki-index.php, (6) tiki-user_tasks.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-file_galleries.php, (10) tiki-list_faqs.php, (11) tiki-list_trackers.php, (12) tiki-list_blogs.php, or via the offset parameter in (13) tiki-usermenu.php, (14) tiki-browse_categories.php, (15) tiki-index.php, (16) tiki-user_tasks.php, (17) tiki-list_faqs.php, (18) tiki-list_trackers.php, or (19) tiki-list_blogs.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.6.1
tiki tikiwiki_cms/groupware *
CVE-2004-1926 HIGH

Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or the (5) Name, (6) Description, (7) URL, or (8) Country fields in a Directory/Add Site operation.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.6.1
tiki tikiwiki_cms/groupware *
CVE-2004-1927 MEDIUM

Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.6.1
tiki tikiwiki_cms/groupware *
CVE-2004-1928 HIGH

The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.6.1
tiki tikiwiki_cms/groupware *
CVE-2005-0200 HIGH

TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2005-1921 HIGH

Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
gggeek phpxmlrpc *
debian debian_linux 3.1
php xml_rpc *
drupal drupal *
tiki tikiwiki_cms/groupware *
CVE-2005-1925 HIGH

Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.6.1
tiki tikiwiki_cms/groupware 1.9.0
tiki tikiwiki_cms/groupware *
CVE-2005-3283 MEDIUM

Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.9.0
tiki tikiwiki_cms/groupware *
CVE-2005-3528 MEDIUM

Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to inject arbitrary web script or HTML via the topics_offset parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.9.1
tiki tikiwiki_cms/groupware 1.9.0
tiki tikiwiki_cms/groupware 1.9.2
CVE-2005-3529 MEDIUM

tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the installation path via an invalid topics_sort_mode parameter, possibly related to an SQL injection vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.9.1
tiki tikiwiki_cms/groupware 1.9.0
tiki tikiwiki_cms/groupware 1.9.2
CVE-2006-2635 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Tikiwiki (aka Tiki CMS/Groupware) 1.9.x allow remote attackers to inject arbitrary web script or HTML via malformed nested HTML tags such as "<scr<script>ipt>" in (1) offset and (2) days parameters in (a) tiki-lastchanges.php, the (3) find and (4) offset parameters in (b) tiki-orphan_pages.php, the (5) offset and (6) initial parameters in (c) tiki-listpages.php, and (7) an unspecified field in (d) tiki-remind_password.php; and allow remote authenticated users with admin privileges to inject arbitrary web script or HTML via (8) an unspecified field in a metatags action in (e) tiki-admin.php, the (9) offset parameter in (f) tiki-admin_rssmodules.php, the (10) offset and (11) max parameters in (g) tiki-syslog.php, the (12) numrows parameter in (h) tiki-adminusers.php, (13) an unspecified field in (i) tiki-adminusers.php, (14) an unspecified field in (j) tiki-admin_hotwords.php, unspecified fields in (15) "Assign new module" and (16) "Create new user module" in (k) tiki-admin_modules.php, (17) an unspecified field in "Add notification" in (l) tiki-admin_notifications.php, (18) the offset parameter in (m) tiki-admin_notifications.php, the (19) Name and (20) Dsn fields in (o) tiki-admin_dsn.php, the (21) offset parameter in (p) tiki-admin_content_templates.php, (22) an unspecified field in "Create new template" in (q) tiki-admin_content_templates.php, and the (23) offset parameter in (r) tiki-admin_chat.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.9.1
tiki tikiwiki_cms/groupware 1.9.10
tiki tikiwiki_cms/groupware 1.9.8
tiki tikiwiki_cms/groupware 1.9.3
tiki tikiwiki_cms/groupware 1.9.5
tiki tikiwiki_cms/groupware 1.9.0
tiki tikiwiki_cms/groupware 1.9.9
tiki tikiwiki_cms/groupware 1.9.8.1
tiki tikiwiki_cms/groupware 1.9.3.2
tiki tikiwiki_cms/groupware 1.9.6
tiki tikiwiki_cms/groupware 1.9.11
tiki tikiwiki_cms/groupware 1.9.7
tiki tikiwiki_cms/groupware 1.9.2
tiki tikiwiki_cms/groupware 1.9.3.1
tiki tikiwiki_cms/groupware 1.9.4
CVE-2006-3047 MEDIUM

Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.9.1
tiki tikiwiki_cms/groupware 1.9.3
tiki tikiwiki_cms/groupware 1.9.0
tiki tikiwiki_cms/groupware 1.9.2
tiki tikiwiki_cms/groupware *
CVE-2006-3048 HIGH

SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 1.9.1
tiki tikiwiki_cms/groupware 1.9.3
tiki tikiwiki_cms/groupware 1.9.0
tiki tikiwiki_cms/groupware 1.9.2
tiki tikiwiki_cms/groupware *
CVE-2010-1133 HIGH

Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 4.1
tiki tikiwiki_cms/groupware 4.0
CVE-2010-1134 HIGH

SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to execute arbitrary SQL commands via the $searchDate variable.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 3.2
tiki tikiwiki_cms/groupware 3.3
tiki tikiwiki_cms/groupware 3.0
tiki tikiwiki_cms/groupware 3.4
tiki tikiwiki_cms/groupware 3.1
CVE-2010-1135 HIGH

The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user login cookies, which allows remote attackers to gain access via cookie reuse.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-255,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 4.1
tiki tikiwiki_cms/groupware 4.0
CVE-2010-1136 HIGH

The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to bypass access restrictions related to "persistent login," probably due to the generation of predictable cookies based on the IP address and User agent in userslib.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 3.2
tiki tikiwiki_cms/groupware 3.3
tiki tikiwiki_cms/groupware 3.0
tiki tikiwiki_cms/groupware 3.4
tiki tikiwiki_cms/groupware 3.1
CVE-2012-0911 HIGH

TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) printpages or (3) printstructures parameter to (a) tiki-print_multi_pages.php or (b) tiki-print_pages.php; or (4) sendpages, (5) sendstructures, or (6) sendarticles parameter to tiki-send_objects.php, which is not properly handled when processed by the unserialize function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2012-3996 MEDIUM

TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 7.2
tiki tikiwiki_cms/groupware 2.2
tiki tikiwiki_cms/groupware 3.2
tiki tikiwiki_cms/groupware 8.0
tiki tikiwiki_cms/groupware 5.1
tiki tikiwiki_cms/groupware 7.1
tiki tikiwiki_cms/groupware 4
tiki tikiwiki_cms/groupware 3.0
tiki tikiwiki_cms/groupware 4.2
tiki tikiwiki_cms/groupware 5.3
tiki tikiwiki_cms/groupware 4.0
tiki tikiwiki_cms/groupware *
tiki tikiwiki_cms/groupware 6.2
tiki tikiwiki_cms/groupware 3.1
tiki tikiwiki_cms/groupware 8.1
tiki tikiwiki_cms/groupware 5.0
tiki tikiwiki_cms/groupware 7.0
tiki tikiwiki_cms/groupware 6.1
tiki tikiwiki_cms/groupware 5.2
tiki tikiwiki_cms/groupware 3.4
tiki tikiwiki_cms/groupware 3.5
tiki tikiwiki_cms/groupware 6.0
tiki tikiwiki_cms/groupware 4.1
tiki tikiwiki_cms/groupware 3.3
CVE-2013-4714 MEDIUM

Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 9.0
tiki tikiwiki_cms/groupware 10.0
tiki tikiwiki_cms/groupware 10.3
tiki tikiwiki_cms/groupware 9.4
tiki tikiwiki_cms/groupware 6.8
tiki tikiwiki_cms/groupware 9.5
tiki tikiwiki_cms/groupware 6.12
tiki tikiwiki_cms/groupware 10.2
tiki tikiwiki_cms/groupware 6.9
tiki tikiwiki_cms/groupware 9.3
tiki tikiwiki_cms/groupware 6.11
tiki tikiwiki_cms/groupware 6.10
tiki tikiwiki_cms/groupware 9.1
tiki tikiwiki_cms/groupware 11.0
tiki tikiwiki_cms/groupware 9.2
tiki tikiwiki_cms/groupware 9.6
tiki tikiwiki_cms/groupware 10.1
CVE-2013-4715 HIGH

SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 9.0
tiki tikiwiki_cms/groupware 10.0
tiki tikiwiki_cms/groupware 10.3
tiki tikiwiki_cms/groupware 9.4
tiki tikiwiki_cms/groupware 6.8
tiki tikiwiki_cms/groupware 9.5
tiki tikiwiki_cms/groupware 6.12
tiki tikiwiki_cms/groupware 10.2
tiki tikiwiki_cms/groupware 6.9
tiki tikiwiki_cms/groupware 9.3
tiki tikiwiki_cms/groupware 6.11
tiki tikiwiki_cms/groupware 6.10
tiki tikiwiki_cms/groupware 9.1
tiki tikiwiki_cms/groupware 11.0
tiki tikiwiki_cms/groupware 9.2
tiki tikiwiki_cms/groupware 9.6
tiki tikiwiki_cms/groupware 10.1
CVE-2013-6022 MEDIUM

A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2016-10143 MEDIUM

A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 15.2
CVE-2016-7394 MEDIUM

tiki wiki cms groupware <=15.2 has a xss vulnerability, allow attackers steal user's cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2016-9889 MEDIUM

Some forms with the parameter geo_zoomlevel_to_found_location in Tiki Wiki CMS 12.x before 12.10 LTS, 15.x before 15.3 LTS, and 16.x before 16.1 don't have the input sanitized, related to tiki-setup.php and article_image.php. The impact is XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 12.1
tiki tikiwiki_cms/groupware 12.2
tiki tikiwiki_cms/groupware 12.3
tiki tikiwiki_cms/groupware 12.8
tiki tikiwiki_cms/groupware 12.9
tiki tikiwiki_cms/groupware 16.0
tiki tikiwiki_cms/groupware 15.1
tiki tikiwiki_cms/groupware 15.0
tiki tikiwiki_cms/groupware 12.0
tiki tikiwiki_cms/groupware 12.6
tiki tikiwiki_cms/groupware 15.2
tiki tikiwiki_cms/groupware 12.5
tiki tikiwiki_cms/groupware 12.4
tiki tikiwiki_cms/groupware 12.7
CVE-2017-14924 MEDIUM

Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki before 16.3, 17.x before 17.1, 12 LTS before 12.12 LTS, and 15 LTS before 15.5 LTS allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with an IMG element, related to tiki-assignuser.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 12.1
tiki tikiwiki_cms/groupware 15.4
tiki tikiwiki_cms/groupware 17.0
tiki tikiwiki_cms/groupware 16.1
tiki tikiwiki_cms/groupware 12.2
tiki tikiwiki_cms/groupware 12.3
tiki tikiwiki_cms/groupware 12.8
tiki tikiwiki_cms/groupware 12.10
tiki tikiwiki_cms/groupware 12.9
tiki tikiwiki_cms/groupware 16.0
tiki tikiwiki_cms/groupware 15.1
tiki tikiwiki_cms/groupware 12.11
tiki tikiwiki_cms/groupware 15.0
tiki tikiwiki_cms/groupware 12.0
tiki tikiwiki_cms/groupware 16.2
tiki tikiwiki_cms/groupware 12.6
tiki tikiwiki_cms/groupware 15.3
tiki tikiwiki_cms/groupware 15.2
tiki tikiwiki_cms/groupware 12.5
tiki tikiwiki_cms/groupware 12.4
tiki tikiwiki_cms/groupware 12.7
CVE-2017-14925 MEDIUM

Cross-Site Request Forgery (CSRF) vulnerability via IMG element in Tiki before 16.3, 17.x before 17.1, 12 LTS before 12.12 LTS, and 15 LTS before 15.5 LTS allows an authenticated user to edit global permissions if an administrator opens a wiki page with an IMG element, related to tiki-objectpermissions.php. For example, an attacker could assign administrator privileges to every unauthenticated user of the site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 12.1
tiki tikiwiki_cms/groupware 15.4
tiki tikiwiki_cms/groupware 17.0
tiki tikiwiki_cms/groupware 16.1
tiki tikiwiki_cms/groupware 12.2
tiki tikiwiki_cms/groupware 12.3
tiki tikiwiki_cms/groupware 12.8
tiki tikiwiki_cms/groupware 12.10
tiki tikiwiki_cms/groupware 12.9
tiki tikiwiki_cms/groupware 16.0
tiki tikiwiki_cms/groupware 15.1
tiki tikiwiki_cms/groupware 12.11
tiki tikiwiki_cms/groupware 15.0
tiki tikiwiki_cms/groupware 12.0
tiki tikiwiki_cms/groupware 16.2
tiki tikiwiki_cms/groupware 12.6
tiki tikiwiki_cms/groupware 15.3
tiki tikiwiki_cms/groupware 15.2
tiki tikiwiki_cms/groupware 12.5
tiki tikiwiki_cms/groupware 12.4
tiki tikiwiki_cms/groupware 12.7
CVE-2017-9145 MEDIUM

TikiFilter.php in Tiki Wiki CMS Groupware 12.x through 16.x does not properly validate the imgsize or lang parameter to prevent XSS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 14.0
tiki tikiwiki_cms/groupware 12.1
tiki tikiwiki_cms/groupware 15.4
tiki tikiwiki_cms/groupware 16.1
tiki tikiwiki_cms/groupware 12.2
tiki tikiwiki_cms/groupware 12.3
tiki tikiwiki_cms/groupware 12.8
tiki tikiwiki_cms/groupware 12.9
tiki tikiwiki_cms/groupware 16.0
tiki tikiwiki_cms/groupware 15.1
tiki tikiwiki_cms/groupware 14.1
tiki tikiwiki_cms/groupware 15.0
tiki tikiwiki_cms/groupware 13.2
tiki tikiwiki_cms/groupware 13.0
tiki tikiwiki_cms/groupware 12.0
tiki tikiwiki_cms/groupware 16.2
tiki tikiwiki_cms/groupware 12.6
tiki tikiwiki_cms/groupware 15.3
tiki tikiwiki_cms/groupware 15.2
tiki tikiwiki_cms/groupware 12.5
tiki tikiwiki_cms/groupware 12.4
tiki tikiwiki_cms/groupware 12.7
tiki tikiwiki_cms/groupware 13.1
CVE-2017-9305 MEDIUM

lib/core/TikiFilter/PreventXss.php in Tiki Wiki CMS Groupware 16.2 allows remote attackers to bypass the XSS filter via padded zero characters, as demonstrated by an attack on tiki-batch_send_newsletter.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 16.2
CVE-2018-14849 LOW

Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2018-14850 LOW

Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2018-20719 MEDIUM

In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2018-7188 LOW

An XSS vulnerability (via an SVG image) in Tiki before 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2018-7290 LOW

Cross Site Scripting (XSS) exists in Tiki before 12.13, 15.6, 17.2, and 18.1.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 18.0
tiki tikiwiki_cms/groupware *
CVE-2018-7302 LOW

Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tiki 17.1
CVE-2018-7303 LOW

The Calendar component in Tiki 17.1 allows HTML injection.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 17.1
CVE-2018-7304 MEDIUM

Tiki 17.1 does not validate user input for special characters; consequently, a CSV Injection attack can open a CMD.EXE or Calculator window on the victim machine to perform malicious activity, as demonstrated by an "=cmd|' /C calc'!A0" payload during User Creation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1236,

Products Affected

Vendor Product Version
tiki tiki 17.1
CVE-2019-15314 LOW

tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 18.4
CVE-2020-15906 HIGH

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-307,

Products Affected

Vendor Product Version
tiki tiki *
CVE-2020-16131 MEDIUM

Tiki before 21.2 allows XSS because [\s\/"\'] is not properly considered in lib/core/TikiFilter/PreventXss.php.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tiki *
CVE-2020-29254 MEDIUM

TikiWiki 21.2 allows templates to be edited without CSRF protection. This could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected system. An attacker could exploit this vulnerability by persuading a user of the interface to follow a maliciously crafted link. A successful exploit could allow the attacker to perform arbitrary actions on an affected system with the privileges of the user. These action include allowing attackers to submit their own code through an authenticated user resulting in local file Inclusion. If an authenticated user who is able to edit TikiWiki templates visits an malicious website, template code can be edited.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 21.2
CVE-2020-8966 MEDIUM

There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. Tiki-Wiki CMS all versions through 20.0 allows malicious users to cause the injection of malicious code fragments (scripts) into a legitimate web page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-80,CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *
CVE-2021-36550 LOW

TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-browse_categories.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload under the Create category module.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 21.4
CVE-2021-36551 LOW

TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-calendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload under the Add Event module.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware 21.4
CVE-2023-22850

Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call.

Products Affected

Vendor Product Version
tiki tiki *
CVE-2023-22851

Tiki before 24.2 allows lib/importer/tikiimporter_blog_wordpress.php PHP Object Injection by an admin because of an unserialize call.

Products Affected

Vendor Product Version
tiki tiki *
CVE-2023-22852

Tiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-import_sheet.php.

Products Affected

Vendor Product Version
tiki tiki *
CVE-2023-22853

Tiki before 24.1, when feature_create_webhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval.

Products Affected

Vendor Product Version
tiki tiki *
CVE-2024-46878

A Cross-Site Scripting (XSS) vulnerability exists in the page parameter of tiki-editpage.php in Tiki version 26.3 and earlier. This vulnerability allows attackers to execute arbitrary JavaScript code via a crafted payload, leading to potential access to sensitive information or unauthorized actions.

Products Affected

Vendor Product Version
tiki tiki *
CVE-2024-46879

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the POST request data zipPath of tiki-admin_system.php in Tiki version 21.2. This vulnerability allows attackers to execute arbitrary JavaScript code via a crafted payload, leading to potential access to sensitive information or unauthorized actions.

Products Affected

Vendor Product Version
tiki tiki *
CVE-2024-51506

Tiki through 27.0 allows users who have certain permissions to insert a "Create a Wiki Pages" stored XSS payload in the description.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
tiki tiki *
CVE-2024-51507

Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Name.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
tiki tiki *
CVE-2024-51508

Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External Wiki" stored XSS payload in the Index.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
tiki tiki *
CVE-2024-51509

Tiki through 27.0 allows users who have certain permissions to insert a "Modules" (aka tiki-admin_modules.php) stored XSS payload in the Name.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
tiki tiki *
CVE-2025-34111

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector (connector.minimal.php), which allows remote attackers to upload and execute malicious PHP scripts in the context of the web server. The vulnerable component does not enforce file type validation, allowing attackers to craft a POST request to upload executable PHP payloads through the ELFinder interface exposed at /vendor_extra/elfinder/.

Products Affected

Vendor Product Version
tiki tikiwiki_cms/groupware *