cbcvebase.
CVE-2004-1923
published 2004-04-11

CVE-2004-1923: Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2)…

PriorityP420medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.33%
87.1th percentile
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the web server path in an error message.

Affected

2 ranges
VendorProductVersion rangeFixed in
tikitikiwiki_cms_groupware<= 1.8.1
tikitikiwiki_cms_groupware
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.