CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 2CVE-2011-4454 – Tiki Wiki CMS Groupware Cross Site Scripting
https://notcve.org/view.php?id=CVE-2011-4454
17 Nov 2011 — Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-remind_password.php, (2) tiki-index.php, (3) tiki-login_scr.php, or (4) tiki-index. Múltiples vulnerabilidades de tipo cross-site scripting en Tiki versión 8.0 RC1 y anteriores, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de la información de ruta en el archivo (1) tiki-remind_password.php, (2) tiki-index.php, (... • https://packetstorm.news/files/id/107082 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2011-4455 – Tiki Wiki CMS Groupware Cross Site Scripting
https://notcve.org/view.php?id=CVE-2011-4455
17 Nov 2011 — Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-admin_system.php, (2) tiki-pagehistory.php, (3) tiki-removepage.php, or (4) tiki-rename_page.php. Múltiples vulnerabilidades de tipo cross-site scripting en Tiki versiones 7.2 y anteriores, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de la información de ruta en el archivo (1) tiki-admin_system.php, (2) tiki-pagehis... • https://packetstorm.news/files/id/107082 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •