296,147
Total vulnerabilities in the database
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in (1) error_handler_file and (2) local_php parameters to (a) tiki-index.php, or (3) encoded "..%2F" sequences in the imp_language parameter to tiki-imexport_languages.php.
| Software | From | Fixed in |
|---|---|---|
| tiki / tikiwiki_cms/groupware | - | 1.9.8.1.x |
| tiki / tikiwiki_cms/groupware | 1.9.4 | 1.9.4.x |
| tiki / tikiwiki_cms/groupware | 1.9.0-rc2 | 1.9.0-rc2.x |
| tiki / tikiwiki_cms/groupware | 1.9.3 | 1.9.3.x |
| tiki / tikiwiki_cms/groupware | 1.9.0 | 1.9.0.x |
| tiki / tikiwiki_cms/groupware | 1.6.1 | 1.6.1.x |
| tiki / tikiwiki_cms/groupware | 1.9.5 | 1.9.5.x |
| tiki / tikiwiki_cms/groupware | 1.9.0-rc1 | 1.9.0-rc1.x |
| tiki / tikiwiki_cms/groupware | 1.9.8 | 1.9.8.x |
| tiki / tikiwiki_cms/groupware | 1.9.0-rc3 | 1.9.0-rc3.x |
| tiki / tikiwiki_cms/groupware | 1.9.6 | 1.9.6.x |
| tiki / tikiwiki_cms/groupware | 1.9.2 | 1.9.2.x |
| tiki / tikiwiki_cms/groupware | 1.9.1 | 1.9.1.x |
| tiki / tikiwiki_cms/groupware | 1.9.7 | 1.9.7.x |