Lucene search
K

21 matches found

Github Security Blog
Github Security Blog
added 2022/05/17 5:17 a.m.23 views

MoinMoin Multiple vulnerable to directory traversal

Multiple directory traversal vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged wi...

6CVSS7.1AI score0.18563EPSS
Exploits2References12Affected Software1
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.31 views

Debian Security Advisory DSA 2593-1 (moin - several vulnerabilities)

It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue is being actively exploited. This update also addresses path traversal in AttachFile. OpenVAS Vulnerability Test $Id: deb25931.nasl 6611...

6.4CVSS0.30566EPSS
Exploits10References1
Check Point Advisories
Check Point Advisories
added 2013/08/06 12:0 a.m.9 views

MoinMoin twikidraw Action Directory Traversal (CVE-2012-6081)

A directory traversal vulnerability has been reported in MoinMoin server application. The vulnerability is caused due to improper sanitization of query strings from the path. A remote attacker can exploit this vulnerability by sending crafted requests to the affected server. Successful exploitati...

6CVSS7.2AI score0.30566EPSS
Exploits7
Exploit DB
Exploit DB
added 2013/06/24 12:0 a.m.204 views

MoinMoin - twikidraw Action Traversal Arbitrary File Upload (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MoinMoin twikidraw Action Traversal...

6CVSS7.4AI score0.30566EPSS
Exploits7
Packet Storm
Packet Storm
added 2013/06/19 12:0 a.m.58 views

MoinMoin twikidraw Action Traversal File Upload

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MoinMoin twikidraw Action Traversal...

6CVSS0.2AI score0.30566EPSS
Exploits7
0day.today
0day.today
added 2013/06/19 12:0 a.m.335 views

MoinMoin twikidraw Action Traversal File Upload Vulnerability

This Metasploit module exploits a vulnerability in MoinMoin 1.9.5. The vulnerability exists on the manage of the twikidraw actions, where a traversal path can be used in order to upload arbitrary files. Exploitation is achieved on Apached/modwsgi configurations by overwriting moin.wsgi, which...

6CVSS0.5AI score0.30566EPSS
Exploits7
Circl
Circl
added 2013/05/08 12:0 a.m.24 views

CVE-2012-6081

creationtimestamp| type| source ---|---|--- 2013-05-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/25304 2013-06-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/26422 2018-05-29 15:50:33+00:00| seen|...

6CVSS6.1AI score0.30566EPSS
Exploits7References5
OpenVAS
OpenVAS
added 2013/01/24 12:0 a.m.40 views

Fedora Update for moin FEDORA-2013-0640

Check for the Version of moin OpenVAS Vulnerability Test Fedora Update for moin FEDORA-2013-0640 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

6.4CVSS0.2AI score0.30566EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2013/01/24 12:0 a.m.34 views

Fedora Update for moin FEDORA-2013-0685

Check for the Version of moin OpenVAS Vulnerability Test Fedora Update for moin FEDORA-2013-0685 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

6.4CVSS0.1AI score0.30566EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2013/01/24 12:0 a.m.22 views

Fedora Update for moin FEDORA-2013-0685

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.4CVSS6.7AI score0.30566EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2013/01/21 12:0 a.m.18 views

Fedora Update for moin FEDORA-2013-0600

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.4CVSS6.7AI score0.30566EPSS
Exploits10References2
seebug.org
seebug.org
added 2013/01/05 12:0 a.m.122 views

MoinMoin action/twikidraw.py和action/anywikidraw.py任意代码执行漏洞

BUGTRAQ ID: 57082 CVECAN ID: CVE-2012-6081 MoinMoin是一个基于Python环境的wiki引擎程序,支持包括中文在内的多语种特性。 MoinMoin 1.9.6之前版本中 twikidraw action/twikidraw.py 、anywikidraw action/anywikidraw.py 脚本存在多个文件上传漏洞,可允许具有写权限的、经过身份验证的远程攻击者通过上传带有可执行扩展名的文件,然后直接请求该文件,执行任意代码。 0 MoinMoin Wiki Engine 1.9.3 厂商补丁: MoinMoin --------...

6CVSS0.5AI score0.30566EPSS
Exploits7
NVD
NVD
added 2013/01/03 1:55 a.m.22 views

CVE-2012-6495

Multiple directory traversal vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged wi...

6CVSS7.1AI score0.18563EPSS
Exploits2References9
Prion
Prion
added 2013/01/03 1:55 a.m.16 views

Directory traversal

Multiple directory traversal vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged wi...

6CVSS7.4AI score0.30566EPSS
Exploits9References9Affected Software1
PyPA
PyPA
added 2013/01/03 1:55 a.m.6 views

PYSEC-2013-7

Multiple directory traversal vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged wi...

6CVSS7.6AI score0.30566EPSS
Exploits9References10Affected Software1
Cvelist
Cvelist
added 2013/01/03 1:0 a.m.31 views

CVE-2012-6081

Multiple unrestricted file upload vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, the...

7.3AI score0.30566EPSS
Exploits7References13
CVE
CVE
added 2013/01/03 1:0 a.m.109 views

CVE-2012-6081

CVE-2012-6081 affects MoinMoin before 1.9.6, with multiple unrestricted file upload vulnerabilities in the twikidraw and anywikidraw actions. Remote authenticated users with write permissions can upload a file with an executable extension and access it to execute arbitrary code; this is corrobora...

6CVSS7.4AI score0.30566EPSS
Exploits7References13Affected Software1
CVE
CVE
added 2013/01/03 1:0 a.m.85 views

CVE-2012-6495

CVE-2012-6081 describes multiple directory traversal/file-upload vulnerabilities in MoinMoin up to version 1.9.6, specifically in the twikidraw (action/twikidraw.py) and anywikidraw (action/anywikidraw.py) actions. The root cause is unrestricted directory traversal and improper sanitization that ...

6CVSS7.2AI score0.18563EPSS
Exploits2References9Affected Software1
Debian CVE
Debian CVE
added 2013/01/03 1:0 a.m.31 views

CVE-2012-6081

Removed by vendor...

6CVSS7AI score0.30566EPSS
Exploits7
Debian CVE
Debian CVE
added 2013/01/03 1:0 a.m.39 views

CVE-2012-6495

Removed by vendor...

6CVSS7AI score0.18563EPSS
Exploits2
Rows per page
Query Builder