CVE-2008-3654

Severity

50%

Complexity

99%

Confidentiality

48%

Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows attackers to obtain "path and PHP configuration" via unknown vectors.

Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows attackers to obtain "path and PHP configuration" via unknown vectors.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N).

Overview

Type

Tiki Tikiwiki CMS/Groupware

First reported 16 years ago

2008-08-13 01:41:00

Last updated 7 years ago

2017-08-08 01:32:00

Affected Software

Tiki Tikiwiki CMS/Groupware 1.6.1

1.6.1

Tiki Tikiwiki CMS/Groupware 1.9.0

1.9.0

Tiki Tikiwiki CMS/Groupware 1.9.0 release candidate 1

1.9.0

Tiki Tikiwiki CMS/Groupware 1.9.0 release candidate 2

1.9.0

Tiki Tikiwiki CMS/Groupware 1.9.0 release candidate 3

1.9.0

Tiki Tikiwiki CMS/Groupware 1.9.1

1.9.1

Tiki Tikiwiki CMS/Groupware 1.9.2

1.9.2

Tiki Tikiwiki CMS/Groupware 1.9.3

1.9.3

Tiki Tikiwiki CMS/Groupware 1.9.4

1.9.4

Tiki Tikiwiki CMS/Groupware 1.9.5

1.9.5

Tiki Tikiwiki CMS/Groupware 1.9.6

1.9.6

Tiki Tikiwiki CMS/Groupware 1.9.7

1.9.7

Tiki Tikiwiki CMS/Groupware 1.9.8

1.9.8

Tiki Tikiwiki CMS/Groupware 1.9.8.1

1.9.8.1

References

http://info.tikiwiki.org/tiki-read_article.php?articleId=35

http://tikiwiki.org/ReleaseNotes20

tikiwikicms-unspecified-path-disclosure(44421)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.