Vulnerabilities > Moinmo > Moinmoin > 1.6.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-02-26 | CVE-2010-0669 | Security vulnerability in MoinMoin MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors. | 7.5 |
2010-02-26 | CVE-2010-0668 | Security vulnerability in MoinMoin Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured. network moinmo | 6.8 |
2009-04-29 | CVE-2009-1482 | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260. | 4.3 |
2009-03-30 | CVE-2008-6549 | Unspecified vulnerability in Moinmo Moinmoin 1.6.1 The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors. | 5.0 |