Arbitrary File Existence Disclosure Vulnerability in Tiki CMS/Groupware

CVE-2004-1927 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter.

Learn more about our Cms Pen Testing.