CVE-2011-4336
MEDIUM NUCLEITiki Wiki CMS Groupware 7.0 - XSS
Title source: llmDescription
Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by High-Tech Bridge SA · textwebappsphp
https://www.exploit-db.com/exploits/35974
Nuclei Templates (1)
Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting
MEDIUMby pikpikcu
Shodan:
http.html:"tiki wiki"
FOFA:
body="tiki wiki"
Scores
CVSS v3
6.1
EPSS
0.0093
EPSS Percentile
76.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
tiki/tikiwiki_cms\/groupware
< 7.0
Published
Jan 15, 2020
Tracked Since
Feb 18, 2026