| Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-1136 | 7.5 |
The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to bypass access restrictions related to "persistent login," probably due to the generation of predictable cookies based on the IP address and User agent in
|
17-08-2017 - 01:32 | 27-03-2010 - 19:07 | |
| CVE-2010-1134 | 7.5 |
SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to execute arbitrary SQL commands via the $searchDate variable.
|
17-08-2017 - 01:32 | 27-03-2010 - 19:07 | |
| CVE-2010-1133 | 7.5 |
Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php.
|
17-08-2017 - 01:32 | 27-03-2010 - 19:07 | |
| CVE-2010-1135 | 7.5 |
The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user login cookies, which allows remote attackers to gain access via cookie reuse.
|
17-08-2017 - 01:32 | 27-03-2010 - 19:07 |