Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jspwiki vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-1229
Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
9.3
CVSSv2
CVE-2008-1230
Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
9.3
CVSSv2
CVE-2008-1231
Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
4.3
CVSSv2
CVE-2004-1544
Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and previous versions allows remote malicious users to execute arbitrary web script as other users via the query parameter.
Jspwiki Jspwiki 2.1.120
Jspwiki Jspwiki 2.1.121
Jspwiki Jspwiki 2.1.122
4.3
CVSSv2
CVE-2007-5119
JSPWiki 2.4.103 and 2.5.139-beta allows remote malicious users to obtain sensitive information (full path) via an invalid integer in the version parameter to the default URI under attach/Main/.
Jspwiki Jspwiki 2.4.103
Jspwiki Jspwiki 2.5.139-beta
4.3
CVSSv2
CVE-2007-5120
Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote malicious users to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) editti...
Jspwiki Jspwiki 2.5.139-beta
Jspwiki Jspwiki 2.4.103
6 EDB exploits
4.3
CVSSv2
CVE-2007-5121
Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta allows remote malicious users to inject arbitrary web script or HTML via the redirect parameter to wiki-3/Login.jsp and unspecified other components.
Jspwiki Jspwiki 2.5.139-beta
4.3
CVSSv2
CVE-2019-10090
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive...
Apache Jspwiki 2.11.0
Apache Jspwiki
4.3
CVSSv2
CVE-2019-0224
In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own brow...
Apache Jspwiki
Apache Jspwiki 2.11.0
7.8
CVSSv2
CVE-2019-0225
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an malicious user to obtain registered users' details.
Apache Jspwiki 2.11.0
Apache Jspwiki
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »