Web application abuses : Tiki Wiki CMS Groupware 'tiki-orphan

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.100048

Categoría: Web application abuses

Título: Tiki Wiki CMS Groupware 'tiki-orphan_pages.php' XSS Vulnerability

Resumen: Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability.;; This VT has been deprecated as a duplicate of the VT 'Tiki Wiki CMS Groupware < 2.4 Multiple XSS; Vulnerabilities' (OID: 1.3.6.1.4.1.25623.1.0.800266).

Descripción: Summary:
Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability.

This VT has been deprecated as a duplicate of the VT 'Tiki Wiki CMS Groupware < 2.4 Multiple XSS
Vulnerabilities' (OID: 1.3.6.1.4.1.25623.1.0.800266).

Vulnerability Impact:
An attacker may leverage this issue to execute arbitrary script code
in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based
authentication credentials.

Affected Software/OS:
Tiki Wiki CMS Groupware 2.2 through 3.0 beta1 are vulnerable.

Solution:
Upgrade to latest version.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1204
BugTraq ID: 34105
http://www.securityfocus.com/bid/34105
BugTraq ID: 34106
http://www.securityfocus.com/bid/34106
BugTraq ID: 34107
http://www.securityfocus.com/bid/34107
BugTraq ID: 34108
http://www.securityfocus.com/bid/34108
Bugtraq: 20090312 TikiWiki 2.2 XSS Vulnerability in URI (Google Search)
http://www.securityfocus.com/archive/1/501702/100/0/threaded
http://secunia.com/advisories/34273

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.100048
Categoría:	Web application abuses
Título:	Tiki Wiki CMS Groupware 'tiki-orphan_pages.php' XSS Vulnerability
Resumen:	Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability.;; This VT has been deprecated as a duplicate of the VT 'Tiki Wiki CMS Groupware < 2.4 Multiple XSS; Vulnerabilities' (OID: 1.3.6.1.4.1.25623.1.0.800266).
Descripción:	Summary: Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability. This VT has been deprecated as a duplicate of the VT 'Tiki Wiki CMS Groupware < 2.4 Multiple XSS Vulnerabilities' (OID: 1.3.6.1.4.1.25623.1.0.800266). Vulnerability Impact: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials. Affected Software/OS: Tiki Wiki CMS Groupware 2.2 through 3.0 beta1 are vulnerable. Solution: Upgrade to latest version. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1204 BugTraq ID: 34105 http://www.securityfocus.com/bid/34105 BugTraq ID: 34106 http://www.securityfocus.com/bid/34106 BugTraq ID: 34107 http://www.securityfocus.com/bid/34107 BugTraq ID: 34108 http://www.securityfocus.com/bid/34108 Bugtraq: 20090312 TikiWiki 2.2 XSS Vulnerability in URI (Google Search) http://www.securityfocus.com/archive/1/501702/100/0/threaded http://secunia.com/advisories/34273
Copyright	Copyright (C) 2009 Greenbone AG