Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xwiki xwiki 1.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4641
SQL injection vulnerability in XWiki Enterprise prior to 2.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Xwiki Xwiki 1.0
Xwiki Xwiki 1.1
Xwiki Xwiki 0.9.840
Xwiki Xwiki 0.9.790
Xwiki Xwiki 0.9.793
Xwiki Xwiki 0.9.1252
Xwiki Xwiki 0.9.543
Xwiki Xwiki
4.3
CVSSv2
CVE-2010-4642
Cross-site scripting (XSS) vulnerability in XWiki Enterprise prior to 2.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Xwiki Xwiki 1.1
Xwiki Xwiki 1.0
Xwiki Xwiki 0.9.840
Xwiki Xwiki 0.9.793
Xwiki Xwiki 0.9.790
Xwiki Xwiki
Xwiki Xwiki 0.9.543
Xwiki Xwiki 0.9.1252
4.3
CVSSv2
CVE-2010-4640
Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 allow remote malicious users to inject arbitrary web script or HTML via the rev parameter to (1) bin/viewrev/Main/WebHome and (2) bin/view/Blog, and the (3) register_first_name and (4) register_last_name param...
Xwiki Xwiki Watch 1.0
3.5
CVSSv2
CVE-2007-4888
The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 associates the doc variable with the entire document content and metadata regardless of a user's view rights, which allows remote authenticated users to read arbitrary documents via a custom skin...
Xwiki Xwiki 1.0 B2
Xwiki Xwiki 1.0 B1
NA
CVE-2023-41046
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible in XWiki to execute Velocity code without having script right by creating an XClass with a property of type "TextArea" and content type "Velocity...
Xwiki Xwiki
NA
CVE-2022-36094
XWiki Platform Web Parent POM contains Web resources for the XWiki platform, a generic wiki platform. Starting with version 1.0 and prior to versions 13.10.6 and 14.30-rc-1, it's possible to store JavaScript which will be executed by anyone viewing the history of an attachme...
Xwiki Xwiki
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started