Lucene search
K

9 matches found

Github Security Blog
Github Security Blog
added 2022/05/01 11:36 p.m.16 views

MoinMoin Improper Access Control

macroGetval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages. The issue has been fixed on 4a7de0173734...

5CVSS7.1AI score0.02005EPSS
Exploits0References15Affected Software1
RedhatCVE
RedhatCVE
added 2019/10/04 9:52 p.m.28 views

CVE-2008-1098

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 certain input processed by formatter/textgedit.py aka the gui editor formatter; 2 a page name, which triggers an injection in PageEditor.py when the...

4.3CVSS5.4AI score0.02537EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2019/10/04 9:48 p.m.20 views

CVE-2008-0781

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 message, 2 pagename, and 3 target filenames...

4.3CVSS5.6AI score0.02537EPSS
Exploits0References3
Prion
Prion
added 2008/03/05 8:44 p.m.20 views

Code injection

macroGetval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages...

5CVSS6.6AI score0.02005EPSS
Exploits0References13Affected Software1
Prion
Prion
added 2008/03/05 8:44 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 certain input processed by formatter/textgedit.py aka the gui editor formatter; 2 a page name, which triggers an injection in PageEditor.py when the...

4.3CVSS5.4AI score0.02537EPSS
Exploits1References14Affected Software1
Debian CVE
Debian CVE
added 2008/03/05 8:0 p.m.26 views

CVE-2008-1098

Removed by vendor...

4.3CVSS6.6AI score0.01803EPSS
Exploits1
Debian CVE
Debian CVE
added 2008/03/05 8:0 p.m.31 views

CVE-2008-1099

Removed by vendor...

5CVSS6.6AI score0.02005EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2008/02/14 9:0 p.m.36 views

CVE-2008-0782

Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot in the MOINID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter...

5CVSS6.4AI score0.14787EPSS
Exploits0References2
Cvelist
Cvelist
added 2008/02/14 8:0 p.m.33 views

CVE-2008-0782

Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot in the MOINID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter...

7AI score0.14787EPSS
Exploits0References13
Rows per page
Query Builder