CVE-2011-4336

MEDIUM NUCLEI

Tiki Wiki CMS/Groupware < 7.0 - Cross-Site Scripting via AJAX Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4336. PoCs published by High-Tech Bridge SA. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware by injecting arbitrary JavaScript code via the 'ajax' parameter in the 'snarf_ajax.php' endpoint. The PoC uses a simple alert to display the user's cookies, proving the vulnerability.

Description

Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by High-Tech Bridge SA · textwebappsphp
https://www.exploit-db.com/exploits/35974

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware by injecting arbitrary JavaScript code via the 'ajax' parameter in the 'snarf_ajax.php' endpoint. The PoC uses a simple alert to display the user's cookies, proving the vulnerability.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Tiki Wiki CMS Groupware 7.0
No auth needed
Prerequisites: Access to the vulnerable endpoint · User interaction to trigger the payload
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting
MEDIUMby pikpikcu
Shodan: http.html:"tiki wiki"
FOFA: body="tiki wiki"

References (2)

Core 2
Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/bugtraq/2011/Nov/140
Third Party Advisory, VDB Entry x_refsource_misc
https://www.securityfocus.com/bid/48806/info

Scores

CVSS v3 6.1
EPSS 0.0093
EPSS Percentile 76.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
tiki/tikiwiki_cms\/groupware < 7.0
Published Jan 15, 2020
Tracked Since Feb 18, 2026