Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xwiki xwiki 1.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4641
SQL injection vulnerability in XWiki Enterprise prior to 2.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Xwiki Xwiki 1.0
Xwiki Xwiki 1.1
Xwiki Xwiki 0.9.840
Xwiki Xwiki 0.9.790
Xwiki Xwiki 0.9.793
Xwiki Xwiki 0.9.1252
Xwiki Xwiki 0.9.543
Xwiki Xwiki
4.3
CVSSv2
CVE-2010-4642
Cross-site scripting (XSS) vulnerability in XWiki Enterprise prior to 2.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Xwiki Xwiki 1.1
Xwiki Xwiki 1.0
Xwiki Xwiki 0.9.840
Xwiki Xwiki 0.9.793
Xwiki Xwiki 0.9.790
Xwiki Xwiki
Xwiki Xwiki 0.9.543
Xwiki Xwiki 0.9.1252
4.3
CVSSv2
CVE-2010-4640
Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 allow remote malicious users to inject arbitrary web script or HTML via the rev parameter to (1) bin/viewrev/Main/WebHome and (2) bin/view/Blog, and the (3) register_first_name and (4) register_last_name param...
Xwiki Xwiki Watch 1.0
3.5
CVSSv2
CVE-2007-4888
The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 associates the doc variable with the entire document content and metadata regardless of a user's view rights, which allows remote authenticated users to read arbitrary documents via a custom skin...
Xwiki Xwiki 1.0 B2
Xwiki Xwiki 1.0 B1
NA
CVE-2022-36094
XWiki Platform Web Parent POM contains Web resources for the XWiki platform, a generic wiki platform. Starting with version 1.0 and prior to versions 13.10.6 and 14.30-rc-1, it's possible to store JavaScript which will be executed by anyone viewing the history of an attachme...
Xwiki Xwiki
NA
CVE-2023-41046
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible in XWiki to execute Velocity code without having script right by creating an XClass with a property of type "TextArea" and content type "Velocity...
Xwiki Xwiki
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started