CVE-2004-1927

Tikiwiki Cms/groupware < 1.8.1 - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter.

Exploits (2)

exploitdb WRITEUP VERIFIED
by JeiAr · textwebappsphp
https://www.exploit-db.com/exploits/23949
exploitdb WRITEUP
webappsphp
https://www.exploit-db.com/exploits/43809

References (5)

Scores

EPSS 0.0502
EPSS Percentile 89.8%

Details

CWE
CWE-22
Status published
Products (2)
tiki/tikiwiki_cms\/groupware 1.6.1
tiki/tikiwiki_cms\/groupware < 1.8.1
Published Apr 11, 2004
Tracked Since Feb 18, 2026