Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moinmo vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-2970
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x prior to 1.9.3 allow remote malicious users to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar...
Moinmo Moinmoin 1.9.2
Moinmo Moinmoin 1.9.0
Moinmo Moinmoin 1.9.1
6.4
CVSSv2
CVE-2012-6080
Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 up to and including 1.9.5 allows remote malicious users to overwrite arbitrary files via a .. (dot dot) in a file name.
Moinmo Moinmoin 1.9.3
Moinmo Moinmoin 1.9.4
Moinmo Moinmoin 1.9.5
3.5
CVSSv2
CVE-2010-0828
Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.
Moinmo Moinmoin 1.8.7
Moinmo Moinmoin 1.9.2
6.8
CVSSv2
CVE-2008-6603
MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote malicious users to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.
Moinmo Moinmoin 1.6.2
Moinmo Moinmoin 1.7.0
3.5
CVSSv2
CVE-2020-15275
MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are stro...
Moinmo Moinmoin
4.3
CVSSv2
CVE-2016-7146
MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via pag...
Moinmo Moinmoin 1.9.8
4.3
CVSSv2
CVE-2016-7148
MoinMoin 1.9.8 allows remote malicious users to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
Moinmo Moinmoin 1.9.8
5
CVSSv2
CVE-2010-1238
MoinMoin 1.7.1 allows remote malicious users to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values.
Moinmo Moinmoin 1.7.1
4.3
CVSSv2
CVE-2012-6082
Cross-site scripting (XSS) vulnerability in the rsslink function in theme/__init__.py in MoinMoin 1.9.5 allows remote malicious users to inject arbitrary web script or HTML via the page name in a rss link.
Moinmo Moinmoin 1.9.5
5
CVSSv2
CVE-2010-0667
MoinMoin 1.9 prior to 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Moinmo Moinmoin 1.9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »