Vulnerabilities (CVE)

Filtered by vendor Moinmo Subscribe

Filtered by product Moinmoin

Total 26 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2010-2487	1 Moinmo	1 Moinmoin	2010-08-05	4.3 MEDIUM	N/A
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.
CVE-2009-4762	1 Moinmo	1 Moinmoin	2010-05-27	7.5 HIGH	N/A
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
CVE-2010-1238	1 Moinmo	1 Moinmoin	2010-04-28	5.0 MEDIUM	N/A
MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values.
CVE-2010-0669	1 Moinmo	1 Moinmoin	2010-03-31	7.5 HIGH	N/A
MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.
CVE-2010-0667	1 Moinmo	1 Moinmoin	2010-03-01	5.0 MEDIUM	N/A
MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2008-6549	1 Moinmo	1 Moinmoin	2009-03-30	5.0 MEDIUM	N/A
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.