Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jspwiki vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2008-1230
Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
435
VMScore
CVE-2008-1229
Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
935
VMScore
CVE-2008-1231
Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
Jspwiki Jspwiki 2.5.139 Beta
Jspwiki Jspwiki 2.4.104
Jspwiki Jspwiki 2.5.139
1 EDB exploit
383
VMScore
CVE-2004-1544
Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and previous versions allows remote malicious users to execute arbitrary web script as other users via the query parameter.
Jspwiki Jspwiki 2.1.120
Jspwiki Jspwiki 2.1.121
Jspwiki Jspwiki 2.1.122
383
VMScore
CVE-2007-5119
JSPWiki 2.4.103 and 2.5.139-beta allows remote malicious users to obtain sensitive information (full path) via an invalid integer in the version parameter to the default URI under attach/Main/.
Jspwiki Jspwiki 2.4.103
Jspwiki Jspwiki 2.5.139-beta
460
VMScore
CVE-2007-5120
Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote malicious users to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) editti...
Jspwiki Jspwiki 2.5.139-beta
Jspwiki Jspwiki 2.4.103
6 EDB exploits
383
VMScore
CVE-2007-5121
Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta allows remote malicious users to inject arbitrary web script or HTML via the redirect parameter to wiki-3/Login.jsp and unspecified other components.
Jspwiki Jspwiki 2.5.139-beta
383
VMScore
CVE-2019-0224
In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own brow...
Apache Jspwiki
Apache Jspwiki 2.11.0
694
VMScore
CVE-2019-0225
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an malicious user to obtain registered users' details.
Apache Jspwiki 2.11.0
Apache Jspwiki
383
VMScore
CVE-2019-12404
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive ...
Apache Jspwiki 2.11.0
Apache Jspwiki
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »