TikiWiki Multiple Input Validation Vulnerabilities Network Vulnerability

Summary

The remote host is running Tiki Wiki, a content management system written in PHP. The remote version of this software is vulnerable to multiple vulnerabilities which have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload.

Solution

Upgrade to TikiWiki 1.8.2 or newer

Severity

Classification

CVE CVE-2004-1923, CVE-2004-1924, CVE-2004-1925, CVE-2004-1926, CVE-2004-1927, CVE-2004-1928

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

A Really Simple Chat Multiple SQL Injection Vulnerabilities
ASP Inline Corporate Calendar SQL injection
'research_display.php' SQL Injection Vulnerability
Athena Web Registration remote command execution flaw
AdaptBB Multiple Input Validation Vulnerabilities

TikiWiki multiple input validation vulnerabilities

Take action and discover your vulnerabilities