Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Tiki Subscribe
Total 84 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-3996 1 Tiki 1 Tikiwiki Cms\/groupware 2012-10-24 5.0 MEDIUM N/A
TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.
CVE-2007-5683 1 Tiki 1 Tikiwiki Cms\/groupware 2012-10-24 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to the password reminder page (tiki-remind_password.php), (2) IMG tags in wiki pages, and (3) the local_php parameter to db/tiki-db.php.
CVE-2007-6529 1 Tiki 1 Tikiwiki Cms\/groupware 2012-10-24 10.0 HIGH N/A
Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.
CVE-2006-6168 1 Tiki 1 Tikiwiki Cms\/groupware 2012-10-24 7.5 HIGH N/A
tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger "notification-spam" via certain vectors such as a comma-separated list of addresses in the email field, related to lack of "a minimal check on email."