|
346611
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_director…
|
CWE-200
Information Exposure
|
CVE-2004-1923
|
2017-07-11 10:31 |
2004-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346612
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (…
|
CWE-22
Path Traversal
|
CVE-2004-1927
|
2017-07-11 10:31 |
2004-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346613
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via via the (1) theme parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2004-1924
|
2017-07-11 10:31 |
2004-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346614
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php…
|
CWE-89
SQL Injection
|
CVE-2004-1925
|
2017-07-11 10:31 |
2004-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346615
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL.
|
CWE-20
Improper Input Validation
|
CVE-2004-1928
|
2017-07-11 10:31 |
2004-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346616
|
- |
|
francisco_burzi
|
php-nuke
|
SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers to bypass authentication and gain access by injecting base64-encoded SQL code …
|
NVD-CWE-Other
|
CVE-2004-1929
|
2017-07-11 10:31 |
2004-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346617
|
- |
|
francisco_burzi
|
php-nuke
|
Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTM…
|
NVD-CWE-Other
|
CVE-2004-1930
|
2017-07-11 10:31 |
2004-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346618
|
- |
|
francisco_burzi
|
php-nuke
|
SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded …
|
NVD-CWE-Other
|
CVE-2004-1932
|
2017-07-11 10:31 |
2004-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346619
|
- |
|
-
|
-
|
Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, which could allow local users to bypass access controls and read unauthorized messages.
|
NVD-CWE-Other
|
CVE-2004-1933
|
2017-07-11 10:31 |
2004-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346620
|
- |
|
isesam
|
gemitel
|
PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 allows remote attackers to execute arbitrary PHP code via the base parameter.
|
NVD-CWE-Other
|
CVE-2004-1934
|
2017-07-11 10:31 |
2004-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
