Vulnerability CVE-2020-15906
Published: 2020-10-22

Description:
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts.

See advisories in our WLB2 database:
Topic
Author
Date
High
Tiki Wiki CMS Groupware 21.1 Authentication Bypass
Maximilian Barz
21.10.2020

 References:
http://packetstormsecurity.com/files/159663/Tiki-Wiki-CMS-Groupware-21.1-Authentication-Bypass.html
https://info.tiki.org/article473-Security-Releases-of-all-Tiki-versions-since-16-3
Copyright 2024, cxsecurity.com

 

Back to Top