CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1386

TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://securitytracker.com/id?1012700
http://tikiwiki.org/tiki-read_article.php?articleId=97
http://www.ciac.org/ciac/bulletins/p-084.shtml
http://www.gentoo.org/security/en/glsa/glsa-200501-12.xml
http://www.osvdb.org/12628
http://www.securityfocus.com/bid/12110
https://exchange.xforce.ibmcloud.com/vulnerabilities/18691
http://securitytracker.com/id?1012700
http://tikiwiki.org/tiki-read_article.php?articleId=97
http://www.ciac.org/ciac/bulletins/p-084.shtml
http://www.gentoo.org/security/en/glsa/glsa-200501-12.xml
http://www.osvdb.org/12628
http://www.securityfocus.com/bid/12110
https://exchange.xforce.ibmcloud.com/vulnerabilities/18691

Products affected by CVE-2004-1386

Tiki » Tikiwiki Cms/groupware » Version: 1.6.1

cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1386

Products

Pricing

Contact Us