Vulnerabilities > Moinmoin > Medium

DATE CVE VULNERABILITY TITLE RISK
2007-05-13 CVE-2007-2637 Remote Security vulnerability in MoinMoin
MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.
network
low complexity
ubuntu moinmoin
5.0
2007-05-02 CVE-2007-2423 Cross-Site Scripting vulnerability in Moinmoin 1.5.7
Cross-site scripting (XSS) vulnerability in index.php in MoinMoin 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the do parameter in an AttachFile action, a different vulnerability than CVE-2007-0857.
network
moinmoin
5.8
2007-02-13 CVE-2007-0902 Cross-Site Scripting vulnerability in Moinmoin 1.5.7
Unspecified vulnerability in the "Show debugging information" feature in MoinMoin 1.5.7 allows remote attackers to obtain sensitive information.
network
low complexity
moinmoin
5.0
2007-02-13 CVE-2007-0901 Cross-Site Scripting vulnerability in Moinmoin 1.5.7
Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857.
network
moinmoin
4.3
2007-02-08 CVE-2007-0857 Cross-Site Scripting vulnerability in MoinMoin
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before 1.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the page info, or the page name in a (2) AttachFile, (3) RenamePage, or (4) LocalSiteMap action.
network
moinmoin
4.3