Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-0113

Malware in sbrugna...

8.7CVSS6.8AI score0.01725EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1667

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.01752EPSS
Exploits0References7
OSV
OSV
added 2022/05/17 3:2 a.m.7 views

GHSA-FJ26-Q4VH-85F6 MoinMoin Cross-site Scripting (XSS) vulnerability

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting XSS" issue affecting the action=fckdialog&dialog=attachment via page name component...

6.1CVSS6AI score0.01186EPSS
Exploits3References7
OSV
OSV
added 2022/05/17 2:1 a.m.7 views

GHSA-M9J7-XCJ7-42J9 MoinMoin Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the reStructuredText rst parser in parser/textrst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some...

6.1CVSS5.4AI score0.02517EPSS
Exploits1References15
OSV
OSV
added 2022/05/02 6:15 a.m.4 views

GHSA-5JJR-GMQ3-F986 MoinMoin has improper default configuration

The default configuration of cfg.packagepagesactionsexcluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors...

7.5CVSS6.3AI score0.01973EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2013/01/03 1:55 a.m.24 views

CVE-2012-6495

Multiple directory traversal vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged wi...

6CVSS6.3AI score0.18563EPSS
Exploits2References11
OSV
OSV
added 2012/09/10 10:55 p.m.22 views

PYSEC-2012-10

security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group...

6CVSS3.4AI score0.0209EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2010/02/26 7:0 p.m.50 views

CVE-2010-0667

Removed by vendor...

5CVSS6.7AI score0.01869EPSS
Exploits0
OSV
OSV
added 2009/03/30 1:30 a.m.17 views

CVE-2008-6549

The passwordchecker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service segmentation fault and crash via unknown vectors...

6.4AI score
Exploits0References3
OSV
OSV
added 2009/03/30 1:30 a.m.8 views

CVE-2008-6548

The rst parser parser/textrst.py in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors...

6.1AI score
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2004/08/26 12:0 a.m.24 views

MoinMoin: Group ACL bypass

Background MoinMoin is a Python clone of WikiWiki, based on PikiPiki. Description MoinMoin contains two unspecified bugs, one allowing anonymous users elevated access when not using ACLs, and the other in the ACL handling in the PageEditor. Impact Restrictions on anonymous users were not properly...

10CVSS2.2AI score0.02264EPSS
Exploits0
Rows per page
Query Builder