VYPR
Unrated severityNVD Advisory· Published Nov 18, 2005· Updated Jun 16, 2026

CVE-2005-1925

CVE-2005-1925

Description

Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php.

Affected products

6
  • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:*range: <=1.9.0
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:1.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:1.9.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:1.9.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:1.9.0:rc3:*:*:*:*:*:*
  • Tiki/Tikillm-fuzzy
    Range: <1.9.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.