Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via via the (1) theme parameter to tiki-switch_theme.php, (2) find and priority parameters to messu-mailbox.php, (3) flag, priority, flagval, sort_mode, or find parameters to messu-read.php, (4) articleId parameter to tiki-read_article.php, (5) parentId parameter to tiki-browse_categories.php, (6) comments_threshold parameter to tiki-index.php (7) articleId parameter to tiki-print_article.php, (8) galleryId parameter to tiki-list_file_gallery.php, (9) galleryId parameter to tiki-upload_file.php, (10) faqId parameter to tiki-view_faq.php, (11) chartId parameter to tiki-view_chart.php, or (12) surveyId parameter to tiki-survey_stats_survey.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TikiWiki项目多个输入验证漏洞
Vulnerability Description
Tiki CMS/Groupware (TikiWiki) 1.8.1及其早期版本存在多个跨站脚本(XSS)漏洞。远程攻击者可以通过(1)tiki-switch_theme.php的theme参数(2)messu - mailbox.php的find和priority参数,(3)messu - read.php的flag, priority, flagval, sort_mode或者find参数,(4) tiki-read_article.php的articleId参数,(5)tiki-browse_ca
CVSS Information
N/A
Vulnerability Type
N/A