EUVD-2020-5571

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-44858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=edit&undo= followed by...

PT-2025-50550

Name of the Vulnerable Software and Affected Versions XWiki versions 16.10.9 and below, 17.0.0-rc-1 through 17.4.2, and 17.5.0-rc-1 through 17.5.0 Description The XWiki Rendering system lacks sufficient protection against /html injection. This allows attackers to achieve remote code execution RCE...

CVE-2020-13311

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface...

PT-2024-34669 · Tiki · Tiki

Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 27.1 Description: The issue allows users with specific permissions to insert a stored XSS payload in the Name field when creating or editing an external wiki. This can lead to the execution of malicious scripts...

VulnCheck KEV: CVE-2024-31982

XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a...

CVE-2023-44394 Disclosure of project names to unauthorized users in MantisBT

MantisBT is an open source bug tracker. Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs. This issue has been addressed in commit 65c44883f which has been included in release...

PT-2023-22301 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 13.10.11 XWiki Platform versions prior to 14.4.8 XWiki Platform versions prior to 14.10.2 XWiki Platform versions prior to 15.0RC1 Description: The issue allows any user who can edit their own user profile to...

XWiki Platform 注入漏洞

XWiki Platform is a suite of wiki platforms for creating web collaboration applications from the French company XWiki. XWiki Platform suffers from an injection vulnerability that originates from the execution of arbitrary script macros, including Groovy and Python macros that allow remote code...

CVE-2022-36093 XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard

XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. By passing a template of the distribution wizard to the xpart template, user accounts can be created even when user registration is disabled. This also circumvents any email verification. Before versions 14.2...

GitLab Input Validation Error Vulnerability (CNVD-2020-52423)

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. An input validation error vulnerability exists in GitLab versions prior to 13.1.10, 13.2.8, and...

UBUNTU-CVE-2020-13311

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface...