Max CVSS 5.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-1099 5.0
_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages.
03-10-2018 - 21:53 05-03-2008 - 20:44
CVE-2008-0781 4.3
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) message, (2) pagename, and (3) target filenames.
03-10-2018 - 21:53 14-02-2008 - 21:00
CVE-2008-0780 4.3
Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action.
03-10-2018 - 21:53 14-02-2008 - 21:00
CVE-2008-1098 4.3
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) certain input processed by formatter/text_gedit.py (aka the gui editor formatter); (2) a page name
03-10-2018 - 21:53 05-03-2008 - 20:44
CVE-2008-0782 5.0
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code executio
03-10-2018 - 21:53 14-02-2008 - 21:00
CVE-2007-2637 5.0
MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.
29-07-2017 - 01:31 13-05-2007 - 23:19
CVE-2007-2423 5.8
Cross-site scripting (XSS) vulnerability in index.php in MoinMoin 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the do parameter in an AttachFile action, a different vulnerability than CVE-2007-0857. NOTE: the provenance o
13-11-2008 - 06:38 02-05-2007 - 00:19
Back to Top Mark selected
Back to Top