CVE-2010-1135

N/A Unknown

Published: March 27, 2010 Modified: April 29, 2026

Description

The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user login cookies, which allows remote attackers to gain access via cookie reuse.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://info.tikiwiki.org/article86-Tiki-Announces-3-5-and-4-2-Releases

Source: cve@mitre.org

Patch

http://secunia.com/advisories/38896

Source: cve@mitre.org

Vendor Advisory

http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki?view=rev&revision=25046

Source: cve@mitre.org

http://www.securityfocus.com/bid/38608

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/56770

Source: cve@mitre.org

http://info.tikiwiki.org/article86-Tiki-Announces-3-5-and-4-2-Releases