Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2021-3340 (GCVE-0-2021-3340)

Vulnerability from cvelistv5 – Published: 2021-02-01 21:01 – Updated: 2024-08-03 16:53

Summary

A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGES.php.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://sourceforge.net/projects/wikindx/	x_refsource_MISC
https://sourceforge.net/p/wikindx/news/2021/01/wi…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:53:17.376Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/projects/wikindx/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/news/2021/01/wikindx-v641-released/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGES.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-01T21:01:09.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sourceforge.net/projects/wikindx/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sourceforge.net/p/wikindx/news/2021/01/wikindx-v641-released/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-3340",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGES.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sourceforge.net/projects/wikindx/",
              "refsource": "MISC",
              "url": "https://sourceforge.net/projects/wikindx/"
            },
            {
              "name": "https://sourceforge.net/p/wikindx/news/2021/01/wikindx-v641-released/",
              "refsource": "MISC",
              "url": "https://sourceforge.net/p/wikindx/news/2021/01/wikindx-v641-released/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-3340",
    "datePublished": "2021-02-01T21:01:09.000Z",
    "dateReserved": "2021-01-28T00:00:00.000Z",
    "dateUpdated": "2024-08-03T16:53:17.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-13588 (GCVE-0-2019-13588)

Vulnerability from cvelistv5 – Published: 2019-07-26 21:01 – Updated: 2024-08-04 23:57

Summary

A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX before 5.8.2 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

3 references

URL	Tags
https://sourceforge.net/p/wikindx/code/commit_browser	x_refsource_CONFIRM
https://sourceforge.net/p/wikindx/code/2794/	x_refsource_CONFIRM
https://sourceforge.net/p/wikindx/code/2801/tree/…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:57:39.423Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/code/commit_browser"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/code/2794/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/code/2801/tree//wikindx/trunk/CHANGELOG.txt?diff=51060a0c271846770c56c75a:2800"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX before 5.8.2 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-22T18:11:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceforge.net/p/wikindx/code/commit_browser"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceforge.net/p/wikindx/code/2794/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceforge.net/p/wikindx/code/2801/tree//wikindx/trunk/CHANGELOG.txt?diff=51060a0c271846770c56c75a:2800"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13588",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX before 5.8.2 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sourceforge.net/p/wikindx/code/commit_browser",
              "refsource": "CONFIRM",
              "url": "https://sourceforge.net/p/wikindx/code/commit_browser"
            },
            {
              "name": "https://sourceforge.net/p/wikindx/code/2794/",
              "refsource": "CONFIRM",
              "url": "https://sourceforge.net/p/wikindx/code/2794/"
            },
            {
              "name": "https://sourceforge.net/p/wikindx/code/2801/tree//wikindx/trunk/CHANGELOG.txt?diff=51060a0c271846770c56c75a:2800",
              "refsource": "CONFIRM",
              "url": "https://sourceforge.net/p/wikindx/code/2801/tree//wikindx/trunk/CHANGELOG.txt?diff=51060a0c271846770c56c75a:2800"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13588",
    "datePublished": "2019-07-26T21:01:43.000Z",
    "dateReserved": "2019-07-14T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:57:39.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12930 (GCVE-0-2019-12930)

Vulnerability from cvelistv5 – Published: 2019-07-08 19:20 – Updated: 2024-08-04 23:32

Summary

A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() in core/navigation/MENU.php in WIKINDX prior to version 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the method parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

3 references

URL	Tags
https://sourceforge.net/p/wikindx/code/2787	x_refsource_CONFIRM
https://sourceforge.net/p/wikindx/code/2788	x_refsource_CONFIRM
https://sourceforge.net/p/wikindx/news/2019/07/wi…	x_refsource_CONFIRM

Date Public

2019-07-05 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:32:55.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/code/2787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/code/2788"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/news/2019/07/wikindx-581-released/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-07-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() in core/navigation/MENU.php in WIKINDX prior to version 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the method parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-08T19:20:28.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceforge.net/p/wikindx/code/2787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceforge.net/p/wikindx/code/2788"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceforge.net/p/wikindx/news/2019/07/wikindx-581-released/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12930",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() in core/navigation/MENU.php in WIKINDX prior to version 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the method parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sourceforge.net/p/wikindx/code/2787",
              "refsource": "CONFIRM",
              "url": "https://sourceforge.net/p/wikindx/code/2787"
            },
            {
              "name": "https://sourceforge.net/p/wikindx/code/2788",
              "refsource": "CONFIRM",
              "url": "https://sourceforge.net/p/wikindx/code/2788"
            },
            {
              "name": "https://sourceforge.net/p/wikindx/news/2019/07/wikindx-581-released/",
              "refsource": "CONFIRM",
              "url": "https://sourceforge.net/p/wikindx/news/2019/07/wikindx-581-released/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12930",
    "datePublished": "2019-07-08T19:20:28.000Z",
    "dateReserved": "2019-06-22T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:32:55.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-9961 (GCVE-0-2019-9961)

Vulnerability from cvelistv5 – Published: 2019-03-26 18:45 – Updated: 2024-08-04 22:10

Summary

A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://sourceforge.net/p/wikindx/code/2624/	x_refsource_MISC
https://sourceforge.net/p/wikindx/code/2656/	x_refsource_CONFIRM

Date Public

2019-03-25 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:08.896Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/code/2624/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/wikindx/code/2656/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-03-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-28T13:23:08.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sourceforge.net/p/wikindx/code/2624/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceforge.net/p/wikindx/code/2656/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-9961",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sourceforge.net/p/wikindx/code/2624/",
              "refsource": "MISC",
              "url": "https://sourceforge.net/p/wikindx/code/2624/"
            },
            {
              "name": "https://sourceforge.net/p/wikindx/code/2656/",
              "refsource": "CONFIRM",
              "url": "https://sourceforge.net/p/wikindx/code/2656/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-9961",
    "datePublished": "2019-03-26T18:45:13.000Z",
    "dateReserved": "2019-03-23T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:10:08.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

4 vulnerabilities by wikindx_project

CVE-2021-3340 (GCVE-0-2021-3340)

CVE-2019-13588 (GCVE-0-2019-13588)

CVE-2019-12930 (GCVE-0-2019-12930)

CVE-2019-9961 (GCVE-0-2019-9961)