Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

ikiwiki ikiwiki vulnerabilities and exploits

(subscribe to this query)
0.003
EPSS

CVE-2011-1401

ikiwiki prior to 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS)...
Ikiwiki IkiwikiIkiwiki Ikiwiki 1.0Ikiwiki Ikiwiki 1.1Ikiwiki Ikiwiki 1.1.47Ikiwiki Ikiwiki 1.2Ikiwiki Ikiwiki 1.3Ikiwiki Ikiwiki 1.4Ikiwiki Ikiwiki 1.5Ikiwiki Ikiwiki 1.6Ikiwiki Ikiwiki 1.7Ikiwiki Ikiwiki 1.8Ikiwiki Ikiwiki 1.9
0.005
EPSS

CVE-2009-2944

Incomplete blacklist vulnerability in the teximg plugin in ikiwiki prior to 3.1415926 and 2.x prior to 2.53.4 allows context-dependent malicious users to read arbitrary files via crafted TeX commands.
Ikiwiki IkiwikiIkiwiki Ikiwiki 2.0Ikiwiki Ikiwiki 2.00Ikiwiki Ikiwiki 2.1Ikiwiki Ikiwiki 2.2Ikiwiki Ikiwiki 2.3Ikiwiki Ikiwiki 2.4Ikiwiki Ikiwiki 2.5Ikiwiki Ikiwiki 2.6Ikiwiki Ikiwiki 2.6.1Ikiwiki Ikiwiki 2.7Ikiwiki Ikiwiki 2.8
0.004
EPSS

CVE-2012-0220

Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki prior to 3.20120516 allow remote malicious users to inject arbitrary web script or HTML via the (1) author or (2) authorurl meta tags.
Ikiwiki IkiwikiIkiwiki Ikiwiki 1.0Ikiwiki Ikiwiki 1.1Ikiwiki Ikiwiki 1.1.47Ikiwiki Ikiwiki 1.2Ikiwiki Ikiwiki 1.3Ikiwiki Ikiwiki 1.4Ikiwiki Ikiwiki 1.5Ikiwiki Ikiwiki 1.6Ikiwiki Ikiwiki 1.7Ikiwiki Ikiwiki 1.8Ikiwiki Ikiwiki 1.9
0.003
EPSS

CVE-2010-1195

Cross-site scripting (XSS) vulnerability in the htmlscrubber component in ikiwiki 2.x prior to 2.53.5 and 3.x prior to 3.20100312 allows remote malicious users to inject arbitrary web script or HTML via a crafted data:image/svg+xml URI.
Ikiwiki Ikiwiki 2.0Ikiwiki Ikiwiki 2.1Ikiwiki Ikiwiki 2.2Ikiwiki Ikiwiki 2.3Ikiwiki Ikiwiki 2.4Ikiwiki Ikiwiki 2.5Ikiwiki Ikiwiki 2.10Ikiwiki Ikiwiki 2.11Ikiwiki Ikiwiki 2.12Ikiwiki Ikiwiki 2.13Ikiwiki Ikiwiki 2.14Ikiwiki Ikiwiki 2.15
0.004
EPSS

CVE-2008-0169

Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 up to and including 2.47 allows remote malicious users to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty passw...
Ikiwiki Ikiwiki 1.5Ikiwiki Ikiwiki 1.34Ikiwiki Ikiwiki 1.34.1Ikiwiki Ikiwiki 1.34.2Ikiwiki Ikiwiki 1.35Ikiwiki Ikiwiki 1.36Ikiwiki Ikiwiki 1.37Ikiwiki Ikiwiki 1.38Ikiwiki Ikiwiki 1.39Ikiwiki Ikiwiki 1.40Ikiwiki Ikiwiki 1.41Ikiwiki Ikiwiki 1.42
0.003
EPSS

CVE-2019-9187

ikiwiki prior to 3.20170111.1 and 3.2018x and 3.2019x prior to 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs.
Ikiwiki IkiwikiIkiwiki Ikiwiki 3.20180105Ikiwiki Ikiwiki 3.20180228Ikiwiki Ikiwiki 3.20180311
0.004
EPSS

CVE-2008-0808

Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki prior to 1.1.47 allows remote malicious users to inject arbitrary web script or HTML via meta tags.
Ikiwiki IkiwikiIkiwiki Ikiwiki 1.33.3Ikiwiki Ikiwiki 2.31
0.002
EPSS

CVE-2013-6047

Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting prior to 0.20131025 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ikiwiki Hosting Project Ikiwiki HostingIkiwiki Hosting Project Ikiwiki Hosting 0.20110401Ikiwiki Hosting Project Ikiwiki Hosting 0.20110420Ikiwiki Hosting Project Ikiwiki Hosting 0.20110424Ikiwiki Hosting Project Ikiwiki Hosting 0.20110515Ikiwiki Hosting Project Ikiwiki Hosting 0.20110608Ikiwiki Hosting Project Ikiwiki Hosting 0.20110926Ikiwiki Hosting Project Ikiwiki Hosting 0.20111005Ikiwiki Hosting Project Ikiwiki Hosting 0.20120125Ikiwiki Hosting Project Ikiwiki Hosting 0.20120131Ikiwiki Hosting Project Ikiwiki Hosting 0.20120425Ikiwiki Hosting Project Ikiwiki Hosting 0.20120526
0.003
EPSS

CVE-2011-0428

Cross Site Scripting (XSS) in ikiwiki prior to 3.20110122 could allow remote malicious users to insert arbitrary JavaScript due to insufficient checking in comments.
Ikiwiki Ikiwiki
0.003
EPSS

CVE-2010-1673

A cross-site scripting (XSS) vulnerability in ikiwiki prior to 3.20101112 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Ikiwiki Ikiwiki
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-48132man-in-the-middleCVE-2024-47893CVE-2025-4664CVE-2025-4795CVE-2025-4476server-side request forgeryjavier revillacurcyapp cheapcsv mass importerwirelessCVE-2024-46982
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook