Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foswiki foswiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24698
Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows malicious users to perform a directory traversal via supplying a crafted web request.
Foswiki Foswiki
NA
CVE-2023-33756
An issue in the SpreadSheetPlugin component of Foswiki v2.1.7 and below allows malicious users to execute a directory traversal.
Foswiki Foswiki
6.8
CVSSv2
CVE-2013-1666
Foswiki prior to 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.
Foswiki Foswiki
5
CVSSv2
CVE-2012-6330
The localization functionality in TWiki prior to 5.1.3, and Foswiki 1.0.x up to and including 1.0.10 and 1.1.x up to and including 1.1.6, allows remote malicious users to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
Twiki Twiki 5.1.0
Twiki Twiki 5.1.1
Twiki Twiki
Foswiki Foswiki 1.0.2
Foswiki Foswiki 1.0.3
Foswiki Foswiki 1.1.0
Foswiki Foswiki 1.0.4
Foswiki Foswiki 1.0.10
Foswiki Foswiki 1.1.5
Foswiki Foswiki 1.0.1
Foswiki Foswiki 1.1.2
Foswiki Foswiki 1.1.1
Foswiki Foswiki 1.0.0
Foswiki Foswiki 1.1.6
Foswiki Foswiki 1.1.4
Foswiki Foswiki 1.1.3
1 EDB exploit
7.5
CVSSv2
CVE-2012-6329
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl prior to 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent malicious users to execute arbitrary co...
Perl Perl 5.16.0
Perl Perl 5.14.3
Perl Perl 5.14.0
Perl Perl 5.13.2
Perl Perl 5.10.0
Perl Perl 5.12.0
Perl Perl 5.11.4
Perl Perl 5.11.2
Perl Perl 5.11.3
Perl Perl 5.12.3
Perl Perl
Perl Perl 5.16.1
Perl Perl 5.14.1
Perl Perl 5.13.0
Perl Perl 5.13.3
Perl Perl 5.11.0
Perl Perl 5.10
Perl Perl 5.12.1
Perl Perl 5.12.2
Perl Perl 5.10.1
Perl Perl 5.13.5
Perl Perl 5.13.4
2 EDB exploits
2.1
CVSSv2
CVE-2012-1004
Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki prior to 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl,...
Foswiki Foswiki 1.1.0
Foswiki Foswiki 1.1.1
Foswiki Foswiki 1.1.2
Foswiki Foswiki 1.1.3
Foswiki Foswiki 1.1.4
6.5
CVSSv2
CVE-2010-4215
UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated users to gain privileges by modifying the GROUP and ALLOWTOPICCHANGE preferences in the topic preferences for Main.AdminGroup.
Foswiki Foswiki 1.1.0
Foswiki Foswiki 1.1.1
4.3
CVSSv2
CVE-2009-4853
Multiple cross-site scripting (XSS) vulnerabilities in JumpBox prior to 1.1.2 for Foswiki Wiki System allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Jumpbox Jumpbox 1.1.0
Jumpbox Jumpbox
6.8
CVSSv2
CVE-2009-1434
Cross-site request forgery (CSRF) vulnerability in Foswiki prior to 1.0.5 allows remote malicious users to hijack the authentication of arbitrary users for requests that modify pages, change permissions, or change group memberships, as demonstrated by a URL for a (1) save or (2) ...
Foswiki Foswiki 1.0.1
Foswiki Foswiki 1.0.2
Foswiki Foswiki 1.0.3
Foswiki Foswiki
Foswiki Foswiki 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started