VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jul 12, 2012· Updated Apr 29, 2026

CVE-2012-3996

CVE-2012-3996

Description

TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.

Affected products

24
  • Tiki/Tikiwiki Cms\/groupware24 versions
    cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:*+ 23 more
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:*range: <=8.2
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:4:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tiki:tikiwiki_cms\/groupware:8.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.