Lucene search
+L

5 matches found

UbuntuCve
UbuntuCve
added 2007/07/02 7:30 p.m.17 views

CVE-2007-2836

Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...

6.4CVSS6.1AI score0.02386EPSS
Exploits0References1
CVE
CVE
added 2007/07/02 7:0 p.m.51 views

CVE-2007-2836

Summary (CVE-2007-2836) : The Hiki wiki engine (Ruby) versions 0.8.0–0.8.6 are affected by a directory traversal vulnerability in the session management under session.rb. An insufficiently restrictive regular expression used to validate the session ID enables a remote attacker to craft a session ...

6.4CVSS6.5AI score0.02386EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2005/09/06 9:3 p.m.12 views

CVE-2005-2336

Cross-site scripting XSS vulnerability in Hiki 0.8.0 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via "missing pages" in which the page name is not properly escaped, a different vulnerability than CVE-2005-2803...

4.3CVSS5.5AI score0.01235EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2005/09/06 9:3 p.m.23 views

CVE-2005-2336

Cross-site scripting XSS vulnerability in Hiki 0.8.0 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via "missing pages" in which the page name is not properly escaped, a different vulnerability than CVE-2005-2803...

4.3CVSS6AI score0.01235EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/08/04 12:0 a.m.39 views

JVN#38138980 Hiki cross-site scripting vulnerability

Impact A remote attacker could create a content containing attacking code and take over a session by stealing the session ID of the user who logged into the system. If the user logged into the system as the administrator, the remote attacker could manipulate configurations. Solution Products...

4.3CVSS6.5AI score0.01235EPSS
Exploits0
Rows per page
Query Builder