48 matches found
EUVD-2005-2337
Malware in sbrugna...
EUVD-2005-2804
Malware in sbrugna...
EUVD-2006-3375
Malware in sbrugna...
Debian: Security Advisory (DSA-1324-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
hiki-engineer.com Cross Site Scripting vulnerability OBB-1443629
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Hiki cross-site scripting vulnerability
Overview Hiki, a Wiki clone from the Hiki development team, contains a cross-site scripting vulnerability. Impact A remote attacker could create a content containing attacking code and take over a session by stealing the session ID of the user who logged into the system. If the user logged into t...
Hiki arbitrary file deletion vulnerability
Overview Hiki, a Wiki clone software developed by Hiki Development Team, contains a vulnerability that allows a remote attacker to delete arbitrary files. Hiki contains a vulnerability that allows an arbitrary file to be deleted on a server running Hiki. This is caused by the improper handling of...
Hiki cross-site scripting vulnerability
Overview Hiki, a Wiki clone from the Hiki development team, contains a cross-site scripting vulnerability. Impact A remote attacker could create a content containing attacking code and take over a session by stealing the session ID of the user who logged into the system. If the user logged into t...
Debian: Security Advisory (DSA-1119)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1119-1 (hiki)
The remote host is missing an update to hiki announced via advisory DSA 1119-1. Akira Tanaka discovered a vulnerability in Hiki Wiki, a Wiki engine written in Ruby that allows remote attackers to cause a denial of service via high CPU consumption using by performing a diff between large and...
CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
DEBIAN-CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
Directory traversal
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
CVE-2007-2836
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...
CVE-2007-2836
Summary (CVE-2007-2836) : The Hiki wiki engine (Ruby) versions 0.8.0–0.8.6 are affected by a directory traversal vulnerability in the session management under session.rb. An insufficiently restrictive regular expression used to validate the session ID enables a remote attacker to craft a session ...
Debian DSA-1324-1 : hiki - missing input sanitising
Kazuhiro Nishiyama found a vulnerability in hiki, a Wiki engine written in Ruby, which could allow a remote attacker to delete arbitrary files which are writable to the Hiki user, via a specially crafted session parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...
[SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising
------------------------------------------------------------------------ Debian Security Advisory DSA-1324 [email protected] http://www.debian.org/security/ Steve Kemp June 28, 2007 - ------------------------------------------------------------------------ Package : hiki Vulnerability : missing...