Unrated severityNVD Advisory· Published Mar 27, 2010· Updated Jun 16, 2026
CVE-2010-1134
CVE-2010-1134
Description
SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to execute arbitrary SQL commands via the $searchDate variable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.4:*:*:*:*:*:*:*
- (no CPE)range: <3.5
Patches
Vulnerability mechanics
References
6- tikiwiki.svn.sourceforge.net/viewvc/tikiwikinvdPatchVendor Advisory
- www.securityfocus.com/bid/38608nvdPatch
- secunia.com/advisories/38882nvdVendor Advisory
- info.tikiwiki.org/article86-Tiki-Announces-3-5-and-4-2-Releasesnvd
- osvdb.org/62800nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/56769nvd
News mentions
0No linked articles in our index yet.