TikiWiki 1.6.1 allows remote attackers to bypass authentication by entering a valid username with an arbitrary password, possibly related to the Internet Explorer "Remember Me" feature. NOTE: some of these details are obtained from third party information.
References
Configurations
History
20 Nov 2024, 23:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://sourceforge.net/tracker/index.php?func=detail&aid=748739&group_id=64258&atid=506846 - Patch | |
References | () http://www.securityfocus.com/bid/14170 - Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/40347 - |
Information
Published : 2009-08-24 10:30
Updated : 2024-11-20 23:47
NVD link : CVE-2003-1574
Mitre link : CVE-2003-1574
CVE.ORG link : CVE-2003-1574
JSON object : View
Products Affected
tiki
- tikiwiki_cms\/groupware
CWE
CWE-287
Improper Authentication