NVD

Id
72303  
Name
CVE-2004-1925  
Description
Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ranking.php, (4) tiki-browse_categories.php, (5) tiki-index.php, (6) tiki-user_tasks.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-file_galleries.php, (10) tiki-list_faqs.php, (11) tiki-list_trackers.php, (12) tiki-list_blogs.php, or via the offset parameter in (13) tiki-usermenu.php, (14) tiki-browse_categories.php, (15) tiki-index.php, (16) tiki-user_tasks.php, (17) tiki-list_faqs.php, (18) tiki-list_trackers.php, or (19) tiki-list_blogs.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-07-18  
Published
2004-04-12  
Modified Date
2017-07-10  
Seq
2004-1925  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
373268 72303 CVE-2004-1925 20040411 Multiple Vulnerabilities In Tiki CMS/Groupware [ TikiWiki ]  View
373269 72303 CVE-2004-1925 http://tikiwiki.org/tiki-read_article.php?articleId=66  View
373270 72303 CVE-2004-1925 10100  View
373271 72303 CVE-2004-1925 tikiwiki-sql-injection(15845)  View

Related JVN