Vulnerabilities > Moinmo > High

DATE CVE VULNERABILITY TITLE RISK
2020-11-10 CVE-2020-25074 Path Traversal vulnerability in multiple products
The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request.
network
low complexity
moinmo debian CWE-22
7.5
2010-03-29 CVE-2009-4762 Permissions, Privileges, and Access Controls vulnerability in Moinmo Moinmoin
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
network
low complexity
moinmo CWE-264
7.5
2010-02-26 CVE-2010-0717 Configuration vulnerability in Moinmo Moinmoin
The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.
network
low complexity
moinmo CWE-16
7.5
2010-02-26 CVE-2010-0669 Security vulnerability in MoinMoin
MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.
network
low complexity
moinmo
7.5