Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jspwiki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1544
Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and previous versions allows remote malicious users to execute arbitrary web script as other users via the query parameter.
Jspwiki Jspwiki 2.1.120
Jspwiki Jspwiki 2.1.121
Jspwiki Jspwiki 2.1.122
NA
CVE-2008-1231
Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
NA
CVE-2008-1229
Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
NA
CVE-2008-1230
Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
NA
CVE-2007-5119
JSPWiki 2.4.103 and 2.5.139-beta allows remote malicious users to obtain sensitive information (full path) via an invalid integer in the version parameter to the default URI under attach/Main/.
Jspwiki Jspwiki 2.4.103
Jspwiki Jspwiki 2.5.139-beta
NA
CVE-2007-5120
Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote malicious users to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) editti...
Jspwiki Jspwiki 2.5.139-beta
Jspwiki Jspwiki 2.4.103
6 EDB exploits
NA
CVE-2007-5121
Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta allows remote malicious users to inject arbitrary web script or HTML via the redirect parameter to wiki-3/Login.jsp and unspecified other components.
Jspwiki Jspwiki 2.5.139-beta
6.1
CVSSv3
CVE-2019-12404
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive ...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10076
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-10078
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
Apache Jspwiki
Apache Jspwiki 2.11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »