Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pmwiki pmwiki vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2010-4662
PmWiki prior to 2.2.21 has XSS.
Pmwiki Pmwiki
2 Github repositories
760
VMScore
CVE-2011-4453
The PageListSort function in scripts/pagelist.php in PmWiki 2.x prior to 2.2.35 allows remote malicious users to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP create_function function.
Pmwiki Pmwiki 2.1.25
Pmwiki Pmwiki 2.2.0
Pmwiki Pmwiki 2.1.6
Pmwiki Pmwiki 2.2.28
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.2.32
Pmwiki Pmwiki 2.1.9
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.8
Pmwiki Pmwiki 2.1.10
Pmwiki Pmwiki 2.1.18
Pmwiki Pmwiki 2.0.4
Pmwiki Pmwiki 2.1.24
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.0.1
Pmwiki Pmwiki 2.1.13
Pmwiki Pmwiki 2.0.13
Pmwiki Pmwiki 2.2.18
Pmwiki Pmwiki 2.2.21
Pmwiki Pmwiki 2.1.16
Pmwiki Pmwiki 2.2.6
2 EDB exploits
383
VMScore
CVE-2010-4748
Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote malicious users to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information.
Pmwiki Pmwiki 2.2.20
312
VMScore
CVE-2010-1481
Cross-site scripting (XSS) vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute.
Pmwiki Pmwiki 2.2.15
383
VMScore
CVE-2006-4453
Cross-site scripting (XSS) vulnerability in PmWiki prior to 2.1.18 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving "table markups".
Pmwiki Pmwiki 2.1.6
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.1.9
Pmwiki Pmwiki 2.1.10
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.1.13
Pmwiki Pmwiki 2.1.16
Pmwiki Pmwiki 2.1.15
Pmwiki Pmwiki 2.1.5
Pmwiki Pmwiki 2.1.1
Pmwiki Pmwiki 2.1.12
Pmwiki Pmwiki 2.1.3
Pmwiki Pmwiki 2.1.8
Pmwiki Pmwiki 2.1.11
Pmwiki Pmwiki 2.1.0
Pmwiki Pmwiki 2.1.17
Pmwiki Pmwiki 2.1.7
Pmwiki Pmwiki 2.1.14
605
VMScore
CVE-2006-2840
Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "url links" in PmWiki 2.1.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.8
Pmwiki Pmwiki 2.0.4
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.0.1
Pmwiki Pmwiki 2.0.13
Pmwiki Pmwiki 2.1.5
Pmwiki Pmwiki 2.0.2
Pmwiki Pmwiki 2.0.7
Pmwiki Pmwiki 2.1.1
Pmwiki Pmwiki
Pmwiki Pmwiki 2.0.9
Pmwiki Pmwiki 2.1.3
Pmwiki Pmwiki 2.0.11
Pmwiki Pmwiki 2.0.6
Pmwiki Pmwiki 2.0.12
Pmwiki Pmwiki 2.1.0
Pmwiki Pmwiki 2.0.3
Pmwiki Pmwiki 2.0.10
435
VMScore
CVE-2006-0479
pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote malicious users to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] v...
Pmwiki Pmwiki 2.1 Beta 20
1 EDB exploit
435
VMScore
CVE-2005-3849
Cross-site scripting (XSS) vulnerability in the Search module in PmWiki up to 2.0.12 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.8
Pmwiki Pmwiki 2.0.4
Pmwiki Pmwiki 2.0.1
Pmwiki Pmwiki 2.0.2
Pmwiki Pmwiki 2.0.7
Pmwiki Pmwiki 2.0.9
Pmwiki Pmwiki 2.0.11
Pmwiki Pmwiki
Pmwiki Pmwiki 2.0.6
Pmwiki Pmwiki 2.0.3
Pmwiki Pmwiki 2.0.10
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started