CNNVD-202507-2033 Information

CNNVD ID

CNNVD-202507-2033

Related CVE

CVE-2025-34113

• CNNVD Published: 2025-07-15

Description (Chinese)

Tiki Wiki CMS是Tiki公司的一个内容管理系统。 Tiki Wiki CMS 14.1版本、12.4 LTS版本、9.10 LTS版本和6.14版本存在安全漏洞，该漏洞源于viewmode参数输入验证不当，可能导致命令注入。

Description (English)

Tiki Wiki CMS is a content management system for Tiki. Tiki Wiki CMS 14.1, 12.4 LTS, 9.10 LTS and 6.14 have a security loophole, which stems from the inappropriate input validation of the viewmode parameters, which may lead to the injection of the command.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Tiki

Published

2025-07-15

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/ https://tiki.org/article414-Important-Security-Fix-for-all-versions-of-Tiki https://www.acunetix.com/vulnerabilities/web/tiki-wiki-cms-remote-code-execution-via-calendar-module/ https://www.exploit-db.com/exploits/39965 https://www.vulncheck.com/advisories/tiki-wiki-cms-authenticated-command-injection-in-calendar-module https://nvd.nist.gov/vuln/detail/CVE-2025-34113

Patch

https://tiki.org/HomePage