Lucene search
K

20 matches found

github
github
added 2022/05/02 3:25 a.m.20 views

MoinMoin Cross-site Scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 an AttachFile sub-action in the errormsg function or 2 multiple vectors related to package file errors in the uploadform...

4.3CVSS5.7AI score0.02482EPSS
Exploits1References12Affected Software1
openvas
openvas
added 2009/06/23 12:0 a.m.23 views

Fedora Core 10 FEDORA-2009-6557 (moin)

The remote host is missing an update to moin announced via advisory FEDORA-2009-6557. OpenVAS Vulnerability Test $Id: fcore20096557.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-6557 moin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

4.3CVSS6.5AI score0.05435EPSS
Exploits2
openvas
openvas
added 2009/06/23 12:0 a.m.30 views

Fedora Core 10 FEDORA-2009-6557 (moin)

The remote host is missing an update to moin announced via advisory FEDORA-2009-6557. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

6.6AI score
Exploits0References1
openvas
openvas
added 2009/06/23 12:0 a.m.28 views

Fedora Core 9 FEDORA-2009-6559 (moin)

The remote host is missing an update to moin announced via advisory FEDORA-2009-6559. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

4.3CVSS6.6AI score0.02346EPSS
Exploits0References1
openvas
openvas
added 2009/05/20 12:0 a.m.26 views

FreeBSD Ports: moinmoin

The remote host is missing an update to the system as announced in the referenced advisory. VID fc4d0ae8-3fa3-11de-a3fd-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID fc4d0ae8-3fa3-11de-a3fd-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

4.3CVSS6.3AI score0.05435EPSS
Exploits1
openvas
openvas
added 2009/05/20 12:0 a.m.24 views

FreeBSD Ports: moinmoin

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.3AI score0.05435EPSS
Exploits1References3
osv
osv
added 2009/04/29 6:30 p.m.31 views

PYSEC-2009-6

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 an AttachFile sub-action in the errormsg function or 2 multiple vectors related to package file errors in the uploadform...

4.3CVSS4.7AI score0.02482EPSS
Exploits1References11
openvas
openvas
added 2009/04/28 12:0 a.m.25 views

Fedora Core 9 FEDORA-2009-3845 (moin)

The remote host is missing an update to moin announced via advisory FEDORA-2009-3845. OpenVAS Vulnerability Test $Id: fcore20093845.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3845 moin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

4.3CVSS0.4AI score0.05435EPSS
Exploits2References4
openvas
openvas
added 2009/04/28 12:0 a.m.25 views

Fedora Core 9 FEDORA-2009-3845 (moin)

The remote host is missing an update to moin announced via advisory FEDORA-2009-3845. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

4.3CVSS6.6AI score0.05435EPSS
Exploits2References5
nessus
nessus
added 2009/04/23 12:0 a.m.34 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : moin vulnerabilities (USN-716-1)

Fernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a...

5CVSS5.4AI score0.14787EPSS
Exploits2References8
nessus
nessus
added 2009/04/23 12:0 a.m.31 views

Fedora 10 : moin-1.6.4-1.fc10 (2009-3868)

Update moin to 1.6.4. Fix the following CVEs: CVE-2008-0781 again, CVE-2008-3381, CVE-2009-0260, CVE-2009-0312. Fix AttachFile escaping problems, upstream 1.7 changeset 5f51246a4df1 backported. Note that Tenable Network Security has extracted the preceding description block directly from the Fedo...

4.3CVSS5.4AI score0.05435EPSS
Exploits2References9
nessus
nessus
added 2009/04/22 12:0 a.m.31 views

Fedora 9 : moin-1.6.4-1.fc9 (2009-3845)

Update moin to 1.6.4. Fix the following CVEs: CVE-2008-0781 again, CVE-2008-3381, CVE-2009-0260, CVE-2009-0312. Fix AttachFile escaping problems, upstream 1.7 changeset 5f51246a4df1 backported. Note that Tenable Network Security has extracted the preceding description block directly from the Fedo...

4.3CVSS5.4AI score0.05435EPSS
Exploits2References9
openvas
openvas
added 2009/02/02 12:0 a.m.29 views

Debian Security Advisory DSA 1715-1 (moin)

The remote host is missing an update to moin announced via advisory DSA 1715-1. OpenVAS Vulnerability Test $Id: deb17151.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1715-1 moin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

4.3CVSS6.3AI score0.05435EPSS
Exploits1
securityvulns
securityvulns
added 2009/01/31 12:0 a.m.82 views

[SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1715 [email protected] http://www.debian.org/security/ Steffen Joeris January 29, 2009 http://www.debian.org/security/faq -...

4.3CVSS1.3AI score0.05435EPSS
Exploits1
ubuntu
ubuntu
added 2009/01/30 2:21 a.m.66 views

USN-716-1: MoinMoin vulnerabilities

Fernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a...

5CVSS5.3AI score0.14787EPSS
Exploits2
debian
debian
added 2009/01/29 7:14 a.m.47 views

[SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising

------------------------------------------------------------------------ Debian Security Advisory DSA-1715 [email protected] http://www.debian.org/security/ Steffen Joeris January 29, 2009 http://www.debian.org/security/faq -...

4.3CVSS6AI score0.05435EPSS
Exploits1
osv
osv
added 2009/01/29 12:0 a.m.20 views

DSA-1715-1 moin - insufficient input sanitising

Bulletin has no description...

4.3CVSS5.9AI score0.05435EPSS
Exploits1
nessus
nessus
added 2009/01/29 12:0 a.m.31 views

Debian DSA-1715-1 : moin - insufficient input sanitising

It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks CVE-2009-0260 . Another cross-site scripting vulnerability was discovered in the antispam feature CVE-2009-0312 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

4.3CVSS5AI score0.05435EPSS
Exploits1References6
ubuntucve
ubuntucve
added 2009/01/23 7:0 p.m.31 views

CVE-2009-0260

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with 1 the rename parameter or 2 the drawing parameter aka the basename variable...

4.3CVSS5.9AI score0.05435EPSS
Exploits1References2
cve
cve
added 2009/01/23 6:38 p.m.73 views

CVE-2009-0260

CVE-2009-0260: Multiple XSS vulnerabilities in MoinMoin, via action/AttachFile.py for WikiSandBox in versions before 1.8.1; attackers can inject script/HTML through AttachFile parameters rename or drawing (basename). Remote exploitation possible; remediation is upgrading to MoinMoin 1.8.1 or late...

4.3CVSS5.5AI score0.05435EPSS
Exploits1References12Affected Software1
Rows per page
Query Builder