Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jspwiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1544
Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and previous versions allows remote malicious users to execute arbitrary web script as other users via the query parameter.
Jspwiki Jspwiki 2.1.120
Jspwiki Jspwiki 2.1.121
Jspwiki Jspwiki 2.1.122
NA
CVE-2008-1229
Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
NA
CVE-2008-1230
Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
NA
CVE-2008-1231
Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
NA
CVE-2007-5119
JSPWiki 2.4.103 and 2.5.139-beta allows remote malicious users to obtain sensitive information (full path) via an invalid integer in the version parameter to the default URI under attach/Main/.
Jspwiki Jspwiki 2.4.103
Jspwiki Jspwiki 2.5.139-beta
NA
CVE-2007-5120
Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote malicious users to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) editti...
Jspwiki Jspwiki 2.5.139-beta
Jspwiki Jspwiki 2.4.103
6 EDB exploits
NA
CVE-2007-5121
Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta allows remote malicious users to inject arbitrary web script or HTML via the redirect parameter to wiki-3/Login.jsp and unspecified other components.
Jspwiki Jspwiki 2.5.139-beta
6.1
CVSSv3
CVE-2019-10076
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-10077
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-10078
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
Apache Jspwiki
Apache Jspwiki 2.11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »