Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moinmo moinmoin vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-6548
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows malicious users to read unauthorized include files via unknown vectors.
Moinmo Moinmoin 1.6.1
5
CVSSv2
CVE-2008-6549
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote malicious users to cause a denial of service (segmentation fault and crash) via unknown vectors.
Moinmo Moinmoin 1.6.1
7.5
CVSSv2
CVE-2020-25074
The cache action in action/cache.py in MoinMoin up to and including 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.
Moinmo Moinmoin
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2009-1482
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to pa...
Moinmoin Moinmoin 0.10
Moinmoin Moinmoin 0.11
Moinmoin Moinmoin 1.1
Moinmoin Moinmoin 1.5.3
Moinmoin Moinmoin 1.6
Moinmoin Moinmoin 1.5.5a
Moinmoin Moinmoin 1.5.5 Rc1
Moinmoin Moinmoin 1.7
Moinmoin Moinmoin 1.7.0
Moinmoin Moinmoin 0.3
Moinmoin Moinmoin 0.7
Moinmoin Moinmoin 1.5.1
Moinmoin Moinmoin 1.5.0
Moinmoin Moinmoin 1.5.6
Moinmoin Moinmoin 1.5.7
Moinmoin Moinmoin 1.5.3 Rc2
Moinmoin Moinmoin 1.6.1
Moinmoin Moinmoin 1.7.3
Moinmoin Moinmoin 1.8.0
Moinmoin Moinmoin 0.8
Moinmoin Moinmoin 0.1
Moinmoin Moinmoin 1.0
4.3
CVSSv2
CVE-2016-9119
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin prior to 1.9.8 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Moinmo Moinmoin
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2017-5934
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin prior to 1.9.10 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Moinmo Moinmoin
Opensuse Leap 42.3
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3