20 matches found
CVE-2008-0781
Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 message, 2 pagename, and 3 target filenames...
Fedora Core 10 FEDORA-2009-6557 (moin)
The remote host is missing an update to moin announced via advisory FEDORA-2009-6557. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-6559 (moin)
The remote host is missing an update to moin announced via advisory FEDORA-2009-6559. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 10 FEDORA-2009-6557 (moin)
The remote host is missing an update to moin announced via advisory FEDORA-2009-6557. OpenVAS Vulnerability Test $Id: fcore20096557.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-6557 moin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 9 FEDORA-2009-3845 (moin)
The remote host is missing an update to moin announced via advisory FEDORA-2009-3845. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-3845 (moin)
The remote host is missing an update to moin announced via advisory FEDORA-2009-3845. OpenVAS Vulnerability Test $Id: fcore20093845.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3845 moin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : moin vulnerabilities (USN-716-1)
Fernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a...
Fedora 10 : moin-1.6.4-1.fc10 (2009-3868)
Update moin to 1.6.4. Fix the following CVEs: CVE-2008-0781 again, CVE-2008-3381, CVE-2009-0260, CVE-2009-0312. Fix AttachFile escaping problems, upstream 1.7 changeset 5f51246a4df1 backported. Note that Tenable Network Security has extracted the preceding description block directly from the Fedo...
Fedora 9 : moin-1.6.4-1.fc9 (2009-3845)
Update moin to 1.6.4. Fix the following CVEs: CVE-2008-0781 again, CVE-2008-3381, CVE-2009-0260, CVE-2009-0312. Fix AttachFile escaping problems, upstream 1.7 changeset 5f51246a4df1 backported. Note that Tenable Network Security has extracted the preceding description block directly from the Fedo...
Fedora Update for moin FEDORA-2008-3328
Check for the Version of moin OpenVAS Vulnerability Test Fedora Update for moin FEDORA-2008-3328 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for moin FEDORA-2008-1880
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for moin FEDORA-2008-1880
Check for the Version of moin OpenVAS Vulnerability Test Fedora Update for moin FEDORA-2008-1880 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
USN-716-1: MoinMoin vulnerabilities
Fernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a...
Gentoo Security Advisory GLSA 200803-27 (moinmoin)
The remote host is missing updates announced in advisory GLSA 200803-27. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: moinmoin
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian DSA-1514-1 : moin - several vulnerabilities
Several remote vulnerabilities have been discovered in MoinMoin, a Python clone of WikiWiki. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-2423 A cross-site-scripting vulnerability has been discovered in attachment handling. - CVE-2007-2637 Access...
Debian: Security Advisory (DSA-1514-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-1514-1 moin
Bulletin has no description...
Fedora 7 : moin-1.5.8-4.fc7 (2008-1880)
Wed Feb 20 2008 Lubomir Kundrak 1.5.8-4 - Fix CVE-2008-0780 XSS in login action 2f952fa361c7 - Fix CVE-2008-0781 multiple XSS in AttachFile action db212dfc58ef - Fri Feb 8 2008 Matthias Saou 1.5.8-3 - Include e69a16b6e630 1.5 changeset as cookieidfix 432017. - Sun Aug 5 2007 Matthias Saou 1.5.8-2...
CVE-2008-0781
CVE-2008-0781 concerns XSS in MoinMoin ≤ 1.5.8 via action/AttachFile.py and input fields (message, pagename, target filenames). The connected GitHub advisory confirms the issue and notes a fix was applied in the repository (commit db212dfc58ef). Other entries reference Ubuntu/OpenSUSE/Fedora advi...