Vulnerability Details CVE-2018-20719
In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2018-20719
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.6.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.8.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.1.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.10
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.11
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.3.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.3.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.8
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.8.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.8.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:1.9.9
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:10.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:11.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:11.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.10
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.11
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.12
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.13
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.14
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.8
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:12.9
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:13.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:13.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:13.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:14.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:14.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:15.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:16.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:16.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:16.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:17.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:17.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:2.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:3.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:4.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:5.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.10
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.11
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.12
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.13
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.7
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.8
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:6.9
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:7.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:7.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:7.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:8.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.0
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.1
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.2
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.3
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.4
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.5
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.6
-
cpe:2.3:a:tiki:tikiwiki_cms/groupware:9.7