Vulnerabilities > Mojolicious

DATE CVE VULNERABILITY TITLE RISK
2011-05-03 CVE-2011-1841 Cross-Site Scripting vulnerability in Mojolicious
Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2011-05-03 CVE-2010-4803 Improper Input Validation vulnerability in Mojolicious
Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.
network
low complexity
mojolicious CWE-20
critical
10.0
2011-05-03 CVE-2010-4802 Improper Input Validation vulnerability in Mojolicious
Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.
network
low complexity
mojolicious CWE-20
critical
10.0
2011-05-03 CVE-2009-5074 Unspecified vulnerability in Mojolicious
Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors.
network
low complexity
mojolicious
critical
10.0
2011-04-29 CVE-2011-1589 Path Traversal vulnerability in Mojolicious
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
network
low complexity
mojolicious CWE-22
5.0