Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pmwiki pmwiki vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2010-4662
PmWiki prior to 2.2.21 has XSS.
Pmwiki Pmwiki
2 Github repositories
NA
CVE-2011-4453
The PageListSort function in scripts/pagelist.php in PmWiki 2.x prior to 2.2.35 allows remote malicious users to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP create_function function.
Pmwiki Pmwiki 2.0.9
Pmwiki Pmwiki 2.1.0
Pmwiki Pmwiki 2.1.1
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.1.16
Pmwiki Pmwiki 2.1.17
Pmwiki Pmwiki 2.1.18
Pmwiki Pmwiki 2.1.19
Pmwiki Pmwiki 2.2.0
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.10
Pmwiki Pmwiki 2.0.12
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.7
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.1.6
Pmwiki Pmwiki 2.1.13
Pmwiki Pmwiki 2.1.15
Pmwiki Pmwiki 2.1.20
Pmwiki Pmwiki 2.1.22
Pmwiki Pmwiki 2.2.1
Pmwiki Pmwiki 2.2.8
2 EDB exploits
NA
CVE-2010-4748
Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote malicious users to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information.
Pmwiki Pmwiki 2.2.20
NA
CVE-2010-1481
Cross-site scripting (XSS) vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute.
Pmwiki Pmwiki 2.2.15
NA
CVE-2006-4453
Cross-site scripting (XSS) vulnerability in PmWiki prior to 2.1.18 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving "table markups".
Pmwiki Pmwiki 2.1.15
Pmwiki Pmwiki 2.1.16
Pmwiki Pmwiki 2.1.17
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.1.12
Pmwiki Pmwiki 2.1.14
Pmwiki Pmwiki 2.1.3
Pmwiki Pmwiki 2.1.5
Pmwiki Pmwiki 2.1.11
Pmwiki Pmwiki 2.1.13
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.1.6
Pmwiki Pmwiki 2.1.0
Pmwiki Pmwiki 2.1.1
Pmwiki Pmwiki 2.1.10
Pmwiki Pmwiki 2.1.7
Pmwiki Pmwiki 2.1.8
Pmwiki Pmwiki 2.1.9
NA
CVE-2006-2840
Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "url links" in PmWiki 2.1.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.3
Pmwiki Pmwiki 2.0.4
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.1.3
Pmwiki Pmwiki 2.0.13
Pmwiki Pmwiki 2.0.2
Pmwiki Pmwiki 2.1.0
Pmwiki Pmwiki 2.1.1
Pmwiki Pmwiki 2.0.1
Pmwiki Pmwiki 2.0.10
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.6
Pmwiki Pmwiki 2.0.7
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.1.5
Pmwiki Pmwiki 2.0.11
Pmwiki Pmwiki 2.0.12
Pmwiki Pmwiki 2.0.8
Pmwiki Pmwiki 2.0.9
Pmwiki Pmwiki
NA
CVE-2006-0479
pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote malicious users to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] v...
Pmwiki Pmwiki 2.1 Beta 20
1 EDB exploit
NA
CVE-2005-3849
Cross-site scripting (XSS) vulnerability in the Search module in PmWiki up to 2.0.12 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Pmwiki Pmwiki 2.0.4
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.1
Pmwiki Pmwiki 2.0.6
Pmwiki Pmwiki 2.0.7
Pmwiki Pmwiki 2.0.8
Pmwiki Pmwiki 2.0.2
Pmwiki Pmwiki 2.0.3
Pmwiki Pmwiki 2.0.10
Pmwiki Pmwiki 2.0.11
Pmwiki Pmwiki 2.0.9
Pmwiki Pmwiki
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started