Unrated severityNVD Advisory· Published Mar 27, 2010· Updated Jun 16, 2026
CVE-2010-1136
CVE-2010-1136
Description
The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to bypass access restrictions related to "persistent login," probably due to the generation of predictable cookies based on the IP address and User agent in userslib.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.4:*:*:*:*:*:*:*
- (no CPE)range: <3.5
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/38882nvdVendor Advisory
- info.tikiwiki.org/article86-Tiki-Announces-3-5-and-4-2-Releasesnvd
- osvdb.org/62801nvd
- tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/branches/proposals/3.x/lib/userslib.phpnvd
- tikiwiki.svn.sourceforge.net/viewvc/tikiwikinvd
- www.securityfocus.com/bid/38608nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/56771nvd
News mentions
0No linked articles in our index yet.