Refine your search
2 vulnerabilities found for RWiki by rwiki-devel
jvndb-2006-000621
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
RWiki cross-site scripting vulnerability
Details
RWiki, software written in Ruby providing Wiki functions, contains a cross-site scripting vulnerability, as content is not adequately escaped for display.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000621.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "RWiki, software written in Ruby providing Wiki functions, contains a cross-site scripting vulnerability, as content is not adequately escaped for display.",
"link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000621.html",
"sec:cpe": {
"#text": "cpe:/a:rwiki:rwiki",
"@product": "RWiki",
"@vendor": "rwiki-devel",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2006-000621",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN16558862/index.html",
"@id": "JVN#16558862",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2581",
"@id": "CVE-2006-2581",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2581",
"@id": "CVE-2006-2581",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/20264",
"@id": "SA20264",
"@source": "SECUNIA"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/26664",
"@id": "26664",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2006/1949",
"@id": "FrSIRT/ADV-2006-1949",
"@source": "FRSIRT"
}
],
"title": "RWiki cross-site scripting vulnerability"
}
jvndb-2006-000620
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
RWiki arbitrary Ruby script execution vulnerability
Details
RWiki, one of Wiki clones, contains a vulnerability allowing execution of arbitrary Ruby scripts on its edit mode page.
References
| Type | URL | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000620.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "RWiki, one of Wiki clones, contains a vulnerability allowing execution of arbitrary Ruby scripts on its edit mode page.",
"link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000620.html",
"sec:cpe": {
"#text": "cpe:/a:rwiki:rwiki",
"@product": "RWiki",
"@vendor": "rwiki-devel",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2006-000620",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN46691257/index.html",
"@id": "JVN#46691257",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2582",
"@id": "CVE-2006-2582",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2582",
"@id": "CVE-2006-2582",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/20264",
"@id": "SA20264",
"@source": "SECUNIA"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/26668",
"@id": "26668",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2006/1949",
"@id": "FrSIRT/ADV-2006-1949",
"@source": "FRSIRT"
}
],
"title": "RWiki arbitrary Ruby script execution vulnerability"
}