OpenCVE

Filtered by vendor Moinmo Subscriptions

Total 26 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2010-0667	1 Moinmo	1 Moinmoin	2024-11-21	N/A
MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2009-4762	1 Moinmo	1 Moinmoin	2024-11-21	N/A
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
CVE-2009-1482	2 Moinmo, Moinmoin	2 Moinmoin, Moinmoin	2024-11-21	N/A
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260.
CVE-2008-6603	1 Moinmo	1 Moinmoin	2024-11-21	N/A
MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.
CVE-2008-6549	1 Moinmo	1 Moinmoin	2024-11-21	N/A
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.
CVE-2008-6548	1 Moinmo	1 Moinmoin	2024-11-21	N/A
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.

« first previous Page 2 of 2.