Filtered by vendor Tiki
Subscriptions
Total
84 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-22851 | 1 Tiki | 1 Tiki | 2024-08-02 | 7.2 High |
Tiki before 24.2 allows lib/importer/tikiimporter_blog_wordpress.php PHP Object Injection by an admin because of an unserialize call. | ||||
CVE-2023-22852 | 1 Tiki | 1 Tiki | 2024-08-02 | 6.5 Medium |
Tiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-import_sheet.php. | ||||
CVE-2023-22853 | 1 Tiki | 1 Tiki | 2024-08-02 | 8.8 High |
Tiki before 24.1, when feature_create_webhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval. | ||||
CVE-2023-22850 | 1 Tiki | 1 Tiki | 2024-08-02 | 8.8 High |
Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object Injection because of an unserialize call. |