Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-4768

Malware in sbrugna...

10CVSS6.1AI score0.02029EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-5029

Malware in sbrugna...

10CVSS6.4AI score0.01342EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/21 9:5 p.m.11 views

CVE-2009-5074

Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors...

10CVSS6.9AI score0.01342EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/05/03 4:15 p.m.3 views

CVE-2024-58134

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

8.1CVSS6.4AI score0.00459EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2025/05/03 4:8 p.m.13 views

CVE-2024-58134 Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

6.2AI score0.00459EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2025/05/03 4:8 p.m.9 views

CVE-2024-58134

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

8.1CVSS6.4AI score0.00459EPSS
Exploits1
NVD
NVD
added 2025/05/03 11:15 a.m.22 views

CVE-2024-58135

Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default. When creating a default app skeleton with the "mojo generate app" tool, a weak secret is written to the application's configuration file using the insecure rand...

5.3CVSS0.00473EPSS
Exploits1References13
OSV
OSV
added 2024/05/10 11:7 a.m.6 views

OESA-2024-1517 perl-Mojolicious security update

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

7.5CVSS6.9AI score0.00549EPSS
Exploits1References3
OSV
OSV
added 2011/05/03 12:55 a.m.8 views

CVE-2011-1841

Cross-site scripting XSS vulnerability in the linkto helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4AI score
Exploits0References5
OSV
OSV
added 2011/05/03 12:55 a.m.6 views

CVE-2010-4803

Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors...

6.5AI score
Exploits0References3
Prion
Prion
added 2011/04/29 10:55 p.m.13 views

Directory traversal

Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f encoded slash dot dot slash in a URI...

5CVSS6.9AI score0.03848EPSS
Exploits1References20Affected Software1
Rows per page
Query Builder