| VID |
21508 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The TikiWiki, according to its version number, has an unauthorized page access vulnerability. Tiki CMS/Groupware (aka TikiWiki) is a freely available Content Management System (CMS) and Groupware written in PHP. TikiWiki versions 1.8 through 1.8.3 could allow a remote attacker to bypass the permissions of individual TikiWiki pages and gain unauthorized access to pages within the content management system.
* Note: This check solely relied on the version number of the TikiWiki installed on the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://www.securitytracker.com/alerts/2004/Aug/1010962.html
* Platforms Affected:
Open-Source, TikiWiki 1.8 through 1.8.3
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of TikiWiki (1.8.4 or later), available from the TikiWiki Download Web site at http://tikiwiki.org/Download |
| Related URL |
(CVE) |
| Related URL |
10972 (SecurityFocus) |
| Related URL |
17026 (ISS) |
|
